Problemm mit hxxp://www_getwindowinfo/

Pantherchen · 08.10.2013, 12:02

Hallo,

ich habe folgendes Problem, nachdem mein PC hochgefahren ist. Öffnet sich mein Internet Explorer, der nun endlich seine daseinsberechtigung gefunden hat weil ich ihn nie nutze, mit der URL: hxxp://www_getwindowinfo/ habe mein Malwarebytes Anti-Malware durchlaufen lassen und hat auch was gefunden und habe es damit alles entfernt aber ist leider immer noch bitte um hilfe

aharonov · 08.10.2013, 12:09

Hallo,

mache bitte einen FRST-Scan:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Pantherchen · 08.10.2013, 12:18

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Panti (administrator) on PANTI-PC on 08-10-2013 13:13:22
Running from C:\Users\Panti\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Users\Panti\AppData\Local\Temp\OCS\Downloads\0674e23d6502b36621d489f1b4fbd22a\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Reimage®) C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
() C:\Users\Panti\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Akamai Technologies, Inc.) C:\Users\Panti\AppData\Local\Akamai\netsession_win.exe
(Windows Net) C:\Users\Panti\AppData\Roaming\Windows Net Data\net.exe
(Akamai Technologies, Inc.) C:\Users\Panti\AppData\Local\Akamai\netsession_win.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\klwtblfs.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_175_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ocs_SM] - C:\Users\Panti\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-09-19] (OCS)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-08] ()
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Panti\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Policies\system: [DisableCMD] 0
HKCU\...\Policies\system: [NoDispAppearancePage] 0
HKCU\...\Policies\system: [NoDispBackgroundPage] 0
HKCU\...\Policies\system: [NoDispSettingsPage] 0
HKCU\...\Policies\Explorer: [NoFolderOptions] 0
HKCU\...\Policies\Explorer: [NoViewOnDrive] 0
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKCU\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKCU\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKCU\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKCU\...\Policies\Explorer: [NoViewContextMenu] 0
HKCU\...\Policies\Explorer: [NoShellSearchButton] 0
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [NoFile] 0
HKCU\...\Policies\Explorer: [HideClock] 0
HKCU\...\Policies\Explorer: [NoTrayContextMenu] 0
HKCU\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKCU\...\Policies\Explorer: [NoSetFolders] 0
HKCU\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKCU\...\Policies\Explorer: [NoSetTaskbar] 0
HKCU\...\Policies\Explorer: [NoDeletePrinter] 0
HKCU\...\Policies\Explorer: [NoDFSTab] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoLogoff] 0
HKCU\...\Policies\Explorer: [NoWindowsUpdate] 0
HKCU\...\Policies\Explorer: [NoEncryptOnMove] 0
HKCU\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKCU\...\Policies\Explorer: [NoResolveSearch] 0
HKCU\...\Policies\Explorer: [NoSaveSettings] 0
HKCU\...\Policies\Explorer: [NoHardwareTab] 0
HKCU\...\Policies\Explorer: [NoStartMenuSubFolders] 0
MountPoints2: {36bd37a6-3985-11e2-9887-806e6f6e6963} - E:\Launcher.exe
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-06-16] (Kaspersky Lab ZAO)
HKU\UpdatusUser\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-08] ()
HKU\UpdatusUser\...\Run: [Akamai NetSession Interface] - C:\Users\Panti\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
Startup: C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Panti\AppData\Roaming\Windows Net Data\net.exe (Windows Net)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA098058C93CDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=bc425d94-7a02-4653-8190-b5f51af02e81&affid=111585&searchtype=hp&babsrc=lnkry_nt
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=395049983_1052514_C0B801CC&ts=1371651627
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyCtD0EzztCtCtDtC0C0CtN0D0Tzu0CyDtAyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=2050220089&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=395049983_1052514_C0B801CC&ts=1371651627
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyCtD0EzztCtCtDtC0C0CtN0D0Tzu0CyDtAyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=2050220089&ir=
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyCtD0EzztCtCtDtC0C0CtN0D0Tzu0CyDtAyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=2050220089&ir=
SearchScopes: HKLM - {578B0716-AC2D-438C-E57C-6F342B742C2A} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=395049983_1052514_C0B801CC&ts=3211312
SearchScopes: HKLM-x32 - DefaultScope {5230F8E7-9259-4305-B51A-C090D3E2096D} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=TJ&userid=1dc91bdb-a677-489b-ba28-9c2f37300f6f&searchtype=ds&q={searchTerms}&installDate=19/06/2013
SearchScopes: HKLM-x32 - {100FC86F-6E50-C21F-216D-4BC185BDC35A} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=395049983_1052514_C0B801CC&ts=3211312
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyCtD0EzztCtCtDtC0C0CtN0D0Tzu0CyDtAyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=2050220089&ir=
SearchScopes: HKLM-x32 - {5230F8E7-9259-4305-B51A-C090D3E2096D} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKLM-x32 - {5230F8E7-9259-4305-B51A-C090D3E2096D}昀 URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKCU - DefaultScope {5230F8E7-9259-4305-B51A-C090D3E2096D} URL = hxxp://search.certified-toolbar.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6365727469666965642D746F6F6C6261722E636F6D3F73693D36363932302673743D6273267469643D36373837267665723D342E342674733D313337383731323931393630342674677569643D36363932302D363738372D313337383731323931393630342D463345374632353339423436394345444137383244383132333637443046423426713D7B7365617263685465726D737D&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - 29E6287BFF0A4DB3B7B107085A23A93C URL = hxxp://search.fbdownloader.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6662646F776E6C6F616465722E636F6D2F7365617263682E7068703F6368616E6E656C3D7366646532303626713D7B7365617263685465726D737D&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com.anonymize-me.de/?anonymto=687474703A2F2F666565642E736E6170646F2E636F6D2F3F7075626C69736865723D536E6170646F474F626C69646F6F594226647069643D536E6170646F474F626C69646F6F594226636F3D544A267573657269643D31646339316264622D613637372D343839622D626132382D39633266333733303066366626736561726368747970653D647326713D7B7365617263685465726D737D26696E7374616C6C446174653D31392F30362F32303133&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C0B8485B3960E811&affID=119828&tsp=5010
SearchScopes: HKCU - {288C7DFC-17F5-45A0-8653-BAB0A6503774} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {2A4CAFEC-113A-4CF5-9EFE-0E249CE51D68} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com.anonymize-me.de/?anonymto=687474703A2F2F73746172742E6D797365617263686469616C2E636F6D2F726573756C74732E7068703F663D3426713D7B7365617263685465726D737D26613D736F6C696D6D73642663643D32587A757945744E3259314C31517A7579457A7A7944304274417A797943744430457A7A744374437444744330433043744E304430547A753043794474417943744E314C32587A75744274467442744679457446794274417443744E314C31437A75314231463149314C31483148314231512663723D323035303232303038392669723D&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {5230F8E7-9259-4305-B51A-C090D3E2096D} URL = hxxp://search.certified-toolbar.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6365727469666965642D746F6F6C6261722E636F6D3F73693D36363932302673743D6273267469643D36373837267665723D342E342674733D313337383731323931393630342674677569643D36363932302D363738372D313337383731323931393630342D463345374632353339423436394345444137383244383132333637443046423426713D7B7365617263685465726D737D&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {5230F8E7-9259-4305-B51A-C090D3E2096D}昀 URL = hxxp://search.certified-toolbar.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6365727469666965642D746F6F6C6261722E636F6D3F73693D36363932302673743D6273267469643D36373837267665723D342E342674733D313337383731323931393630342674677569643D36363932302D363738372D313337383731323931393630342D463345374632353339423436394345444137383244383132333637443046423426713D7B7365617263685465726D737D&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {578B0716-AC2D-438C-E57C-6F342B742C2A} URL = hxxp://search.qvo6.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E71766F362E636F6D2F7765622F3F75746D5F736F757263653D622675746D5F6D656469756D3D736C626E65772666726F6D3D736C626E6577267569643D3339353034393938335F313035323531345F43304238303143432674733D33323131333132&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {7D09ABA7-FC3F-4A7E-BBA5-1ED0E0F0FF1B} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {877CD8CD-B2F4-49BF-801A-7E54BEEC5D54} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D34303739353626703D7B7365617263685465726D737D&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F464F524D3D5550393744462650433D555039372664743D30373131313326713D7B7365617263685465726D737D267372633D49452D536561726368426F78&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2666723D76635F7472616E735F3831343026747970653D686F727573&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&k=0
SearchScopes: HKCU - {B9CAB326-0B2B-4A47-A4BE-DDF9557DFC72} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {BF85DEE8-7606-4CED-96A9-0872B99112DE} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {F1948E84-4AFC-4479-9B36-E2A9C9884B4E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=4271bc72-0619-4652-a209-ab038eae4952&pid=winsoftware&mode=bounce&k=0
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {6E13D095-45C3-4271-9475-F3B48227DD9F} -  No File
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM -  No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 -  No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 -  No Name - {5911488E-9D1E-40ec-8CBB-06B231CC153F} -  No File
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default
FF user.js: detected! => C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\user.js
FF NewTab: chrome://fvd.speeddial/content/fvd_about_blank.html
FF SearchEngineOrder.1: Web Search
FF Homepage: chrome://fvd.speeddial/content/fvd_about_blank.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @4game.com/plugin - C:\Program Files (x86)\4game\npplugin4game.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll No File
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\Panti\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @gentek.com/thinclient - C:\IGG\twclient_us\npthinclient.dll No File
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Panti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: TubeSaver - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\116
FF Extension: TubeSaver - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\120
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\pavel.sherbakov@gmail.com
FF Extension:     <em:name>SOE Web Installer - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
FF Extension: FoxLingo - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF Extension: google.button - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\google.button@mali37.net.xpi
FF Extension: langpack-de - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\langpack-de@firefox.mozilla.org.xpi
FF Extension: zoompage - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\zoompage@DW-dev.xpi
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF Extension: DealPly - C:\Program Files (x86)\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
FF HKLM\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] - C:\Program Files\Video downloader\Firefox
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Panti\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Panti\AppData\Roaming\Helper
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\0kreotmv.default\extensions\firejump@firejump.net

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Delta Toolbar) - C:\Users\Panti\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4
CHR Extension: () - C:\Users\Panti\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR Extension: (Plus-HD-3.8) - C:\Users\Panti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0
CHR Extension: (Plus-HD-2.3) - C:\Users\Panti\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0
CHR HKLM\...\Chrome\Extension: [khldgopgjjapmbkgflpoclebjjmkmbnk] - C:\Program Files\Video downloader\source.crx
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Panti\AppData\Local\mysearchdial_speedial_v9.0.2.crx
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [khldgopgjjapmbkgflpoclebjjmkmbnk] - C:\Program Files\Video downloader\source.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Panti\AppData\Local\mysearchdial_speedial_v9.0.2.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AddonsHelper; C:\Users\Panti\AppData\Local\Temp\OCS\Downloads\0674e23d6502b36621d489f1b4fbd22a\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-02-14] ()
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-09-05] (Perfect World Entertainment Inc)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-06-16] (Kaspersky Lab ZAO)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2013-07-19] (Ellora Assets Corp.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5110192 2012-10-24] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-09-26] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2013-09-26] ()
R2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [4393320 2013-09-15] (Reimage®)
R2 SearchAnonymizer; C:\Users\Panti\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-09-19] ()
S2 4game-service; "C:\Program Files (x86)\4game\4game-service.exe" [x]
S4 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-05-21] (AVG Technologies)
R3 DCamUSBNovatek; C:\Windows\System32\Drivers\nvtcam.sys [2754432 2011-07-07] (NTK)
R3 guillflt; C:\Windows\System32\DRIVERS\guillflt.sys [65024 2009-06-04] (Guillemot Corp S.A.)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-09] (Guillemot Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-06-16] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-10-25] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-18] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-06-16] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [54272 2004-04-08] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [70400 2004-04-08] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S3 cpuz134; \??\C:\Users\Panti\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
S3 cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
U3 DfSdkS; 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-06-16] (Kaspersky Lab ZAO)
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]
U0 SR; 
U2 srservice; 
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-08 13:10 - 2013-10-08 13:10 - 01954124 _____ (Farbar) C:\Users\Panti\Desktop\FRST64.exe
2013-10-08 09:42 - 2013-10-08 12:40 - 00056700 _____ C:\Windows\PFRO.log
2013-10-08 09:34 - 2013-10-08 09:34 - 00000000 ____D C:\Program Files\Reimage
2013-10-08 09:18 - 2013-10-08 09:19 - 00000000 ____D C:\ProgramData\CDB
2013-10-08 09:16 - 2013-10-08 09:22 - 00000162 _____ C:\Windows\Reimage.ini
2013-10-08 08:55 - 2013-10-08 08:55 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Malwarebytes
2013-10-08 08:55 - 2013-10-08 08:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-08 08:54 - 2013-10-08 08:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-08 08:54 - 2013-10-08 08:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Panti\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-08 08:54 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-08 08:51 - 2013-10-08 08:56 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-08 08:48 - 2013-10-08 08:49 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Panti\Downloads\SpyHunter-Installer.exe
2013-10-08 08:39 - 2013-10-08 12:40 - 00000504 _____ C:\Windows\setupact.log
2013-10-08 08:39 - 2013-10-08 08:39 - 00000000 _____ C:\Windows\setuperr.log
2013-10-08 08:24 - 2013-10-08 08:24 - 00000000 ____D C:\FRST
2013-10-07 23:01 - 2013-10-07 23:12 - 00000000 ____D C:\Perfect World Entertainment
2013-10-07 22:20 - 2013-10-07 22:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-07 22:18 - 2013-10-07 22:19 - 00000000 ____D C:\Users\UpdatusUser.Panti-PC
2013-10-07 22:18 - 2013-10-07 22:18 - 00000020 ___SH C:\Users\UpdatusUser.Panti-PC\ntuser.ini
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Vorlagen
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Startmenü
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Netzwerkumgebung
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Lokale Einstellungen
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Eigene Dateien
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Druckumgebung
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Documents\Eigene Musik
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Documents\Eigene Bilder
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Local\Verlauf
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Local\Anwendungsdaten
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Anwendungsdaten
2013-10-07 22:18 - 2013-05-24 12:28 - 00002084 _____ C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-10-07 22:18 - 2013-03-08 11:36 - 00000000 ____D C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\TuneUp Software
2013-10-07 22:18 - 2012-12-21 15:07 - 00000000 ____D C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Macromedia
2013-10-07 22:18 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-07 22:18 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-07 22:13 - 2013-09-12 10:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-07 22:13 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-07 22:13 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-07 22:13 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-07 22:13 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-07 22:13 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-07 22:13 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-07 21:28 - 2013-10-07 21:28 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2013-10-07 16:53 - 2013-10-07 16:53 - 00000000 ____D C:\Program Files (x86)\EXPERTool
2013-10-07 16:53 - 2013-09-12 00:06 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-10-05 18:20 - 2013-10-05 19:25 - 00000000 ____D C:\Program Files (x86)\FirstRowSportApp.com
2013-10-05 18:20 - 2013-10-05 18:20 - 00000000 ____D C:\Program Files (x86)\FreeHDSport.TV
2013-10-05 14:34 - 2013-10-05 14:36 - 00000000 ____D C:\Users\Panti\Documents\PCSX2
2013-10-03 16:49 - 2013-10-03 16:50 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-10-03 16:49 - 2013-10-03 16:49 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-10-03 11:03 - 2013-10-03 11:03 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MADFINGER Games
2013-10-03 11:02 - 2013-10-03 11:02 - 00000000 ____D C:\Program Files (x86)\MADFINGER Games
2013-10-02 20:12 - 2013-10-02 20:15 - 00000000 ____D C:\Users\Panti\AppData\Roaming\smc
2013-10-02 20:10 - 2013-10-02 20:11 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-10-02 20:10 - 2013-10-02 20:10 - 00000000 ____D C:\Program Files (x86)\Secret Maryo Chronicles
2013-10-01 22:15 - 2013-10-01 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 19:27 - 2013-10-01 20:10 - 00000000 ____D C:\Program Files (x86)\Obscure
2013-10-01 18:19 - 2013-10-01 18:19 - 00000000 __SHD C:\ProgramData\SecuROM
2013-10-01 18:08 - 2013-10-01 18:08 - 00000000 ____D C:\Program Files (x86)\2K Games
2013-10-01 17:26 - 2013-10-01 17:26 - 00000000 ____D C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2013-09-28 17:36 - 2013-09-28 17:40 - 00000000 ____D C:\Users\Panti\AppData\Local\Origin
2013-09-28 07:26 - 2013-09-28 17:39 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-27 17:46 - 2013-09-27 17:46 - 00000000 ____D C:\Users\Panti\Documents\Electronic Arts
2013-09-27 12:43 - 2013-09-27 12:43 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-09-24 15:47 - 2013-09-24 15:47 - 00002166 _____ C:\Users\UpdatusUser\Desktop\Ubi Soft Product Registration.lnk
2013-09-24 15:43 - 2013-09-25 14:49 - 00000000 ____D C:\Program Files (x86)\Ubi Soft
2013-09-24 14:08 - 2013-09-24 14:08 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
2013-09-24 13:50 - 2013-09-26 09:18 - 00000000 ____D C:\Program Files (x86)\Call of Duty
2013-09-24 13:48 - 2013-09-29 16:26 - 00000766 _____ C:\Windows\CoD.INI
2013-09-24 12:58 - 2013-09-24 12:58 - 00000000 ____D C:\Users\Panti\AppData\Local\Wicked_Interactive_LTD
2013-09-23 20:10 - 2013-09-23 20:10 - 00000845 _____ C:\Users\UpdatusUser\Desktop\Crossfire Europe.lnk
2013-09-23 13:36 - 2013-09-23 13:40 - 00000000 ____D C:\Counter-Strike 2D
2013-09-23 11:36 - 2013-09-23 11:36 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IAHGames
2013-09-19 19:22 - 2013-09-19 19:22 - 00000000 ___HD C:\Users\Panti\Documents\Freemake_do_not_remove_this_folder635152153343906000
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP56D2.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP53A4.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP38E1.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP3526.tmp
2013-09-19 16:41 - 2013-09-19 16:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5A4F.tmp
2013-09-19 16:41 - 2013-09-19 16:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5618.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPEB90.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPEB00.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPB33B.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPB24E.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4F35.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4E68.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPD1A1.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPCF6D.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPC404.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPC23D.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP911C.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP90BC.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP2A71.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP2A00.tmp
2013-09-19 16:37 - 2013-09-19 16:37 - 00000000 _____ C:\Windows\SysWOW64\FAPE953.tmp
2013-09-19 16:37 - 2013-09-19 16:37 - 00000000 _____ C:\Windows\SysWOW64\FAPE885.tmp
2013-09-19 13:10 - 2013-09-19 14:22 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MgameEU
2013-09-19 12:00 - 2013-09-19 12:00 - 00000000 ____D C:\Users\Panti\AppData\Roaming\FEAR-Community.org
2013-09-19 10:03 - 2013-10-08 12:36 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-18 21:40 - 2013-09-18 21:48 - 00004096 _____ C:\Users\Public\Documents\00001119.LCS
2013-09-18 21:39 - 2013-09-18 21:39 - 00000000 ____D C:\Users\Panti\AppData\Roaming\ProtectDisc
2013-09-18 10:34 - 2013-09-18 10:34 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-09-18 10:32 - 2013-09-18 10:47 - 00000000 ____D C:\Users\Panti\AppData\Local\Oblivion
2013-09-18 10:32 - 2013-09-18 10:32 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2013-09-17 09:54 - 2013-09-17 09:55 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-15 19:21 - 2013-09-15 19:21 - 00000000 ____D C:\Users\Panti\Documents\Firefall
2013-09-15 19:21 - 2013-09-15 19:21 - 00000000 ____D C:\Users\Panti\AppData\Local\Red 5 Studios
2013-09-15 16:04 - 2013-09-15 16:04 - 00000000 ____D C:\Program Files (x86)\Red 5 Studios
2013-09-15 13:53 - 2013-09-15 13:53 - 00000000 ____D C:\Users\Panti\AppData\Roaming\library_dir
2013-09-15 13:40 - 2013-09-15 14:40 - 00000000 ____D C:\Program Files (x86)\MicroVolts
2013-09-15 00:05 - 2013-09-23 19:43 - 00000000 ____D C:\CFLog
2013-09-14 21:42 - 2013-09-14 21:42 - 00000000 ____D C:\Windows\pss
2013-09-14 21:18 - 2013-10-05 18:24 - 00000000 ____D C:\SG Interactive
2013-09-14 12:35 - 2013-09-14 12:35 - 00000000 ____D C:\Users\Panti\Documents\ACR
2013-09-14 12:24 - 2013-09-23 18:46 - 00000000 ____D C:\Program Files (x86)\ACR
2013-09-13 18:05 - 2013-09-27 16:29 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-13 17:45 - 2013-10-08 07:31 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-12 17:56 - 2013-09-23 21:18 - 00000000 _____ C:\dfu.log
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-11 09:08 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 09:08 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 09:08 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 09:08 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 09:08 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 09:08 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 09:08 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 09:08 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 09:08 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 09:08 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 09:08 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 09:08 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 08:04 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 08:04 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 08:04 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 08:04 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 08:04 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 08:04 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 08:04 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 08:04 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 08:04 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 08:04 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 08:04 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 08:04 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 08:04 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 08:04 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 08:03 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 08:03 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 08:03 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-09 09:49 - 2013-10-08 07:26 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Windows Net Data
2013-09-09 09:49 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-09 09:48 - 2013-09-09 09:50 - 00000000 ____D C:\Users\Panti\AppData\Local\DownloadGuide
2013-09-09 09:33 - 2013-09-09 09:33 - 00000000 ____D C:\Users\Panti\.thumb

==================== One Month Modified Files and Folders =======

2013-10-08 13:14 - 2012-12-08 00:25 - 00000000 ____D C:\Users\Panti\AppData\Local\PMB Files
2013-10-08 13:10 - 2013-10-08 13:10 - 01954124 _____ (Farbar) C:\Users\Panti\Desktop\FRST64.exe
2013-10-08 12:48 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-08 12:48 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-08 12:44 - 2012-11-28 20:06 - 01869293 _____ C:\Windows\WindowsUpdate.log
2013-10-08 12:42 - 2013-06-16 10:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-08 12:40 - 2013-10-08 09:42 - 00056700 _____ C:\Windows\PFRO.log
2013-10-08 12:40 - 2013-10-08 08:39 - 00000504 _____ C:\Windows\setupact.log
2013-10-08 12:40 - 2012-11-29 16:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-08 12:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-08 12:38 - 2012-11-28 21:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-08 12:36 - 2013-09-19 10:03 - 00000000 ____D C:\ProgramData\DSearchLink
2013-10-08 12:36 - 2013-02-14 14:24 - 00000000 ____D C:\Program Files (x86)\Giant Savings Extension
2013-10-08 12:29 - 2012-11-29 10:21 - 00000374 _____ C:\Windows\Tasks\WpsUpdateTask_Panti.job
2013-10-08 09:34 - 2013-10-08 09:34 - 00000000 ____D C:\Program Files\Reimage
2013-10-08 09:22 - 2013-10-08 09:16 - 00000162 _____ C:\Windows\Reimage.ini
2013-10-08 09:19 - 2013-10-08 09:18 - 00000000 ____D C:\ProgramData\CDB
2013-10-08 08:56 - 2013-10-08 08:51 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-08 08:55 - 2013-10-08 08:55 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Malwarebytes
2013-10-08 08:55 - 2013-10-08 08:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-08 08:55 - 2013-10-08 08:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-08 08:54 - 2013-10-08 08:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Panti\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-08 08:49 - 2013-10-08 08:48 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Panti\Downloads\SpyHunter-Installer.exe
2013-10-08 08:39 - 2013-10-08 08:39 - 00000000 _____ C:\Windows\setuperr.log
2013-10-08 08:24 - 2013-10-08 08:24 - 00000000 ____D C:\FRST
2013-10-08 07:31 - 2013-09-13 17:45 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-08 07:26 - 2013-09-09 09:49 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Windows Net Data
2013-10-07 23:55 - 2013-08-15 20:28 - 00000000 ____D C:\Users\Panti\AppData\Local\Warframe
2013-10-07 23:55 - 2012-12-29 10:39 - 00000000 ___RD C:\Users\Panti\Desktop\Spiele
2013-10-07 23:12 - 2013-10-07 23:01 - 00000000 ____D C:\Perfect World Entertainment
2013-10-07 22:22 - 2012-11-29 16:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-07 22:22 - 2012-11-29 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-07 22:20 - 2013-10-07 22:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-07 22:20 - 2012-11-29 16:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-07 22:19 - 2013-10-07 22:18 - 00000000 ____D C:\Users\UpdatusUser.Panti-PC
2013-10-07 22:18 - 2013-10-07 22:18 - 00000020 ___SH C:\Users\UpdatusUser.Panti-PC\ntuser.ini
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Vorlagen
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Startmenü
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Netzwerkumgebung
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Lokale Einstellungen
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Eigene Dateien
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Druckumgebung
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Documents\Eigene Musik
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Documents\Eigene Bilder
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Local\Verlauf
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Local\Anwendungsdaten
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Anwendungsdaten
2013-10-07 21:29 - 2012-11-28 21:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-07 21:28 - 2013-10-07 21:28 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2013-10-07 17:11 - 2012-12-21 10:34 - 00000000 ____D C:\Users\Panti\AppData\Roaming\NVIDIA
2013-10-07 16:53 - 2013-10-07 16:53 - 00000000 ____D C:\Program Files (x86)\EXPERTool
2013-10-06 08:09 - 2013-02-14 11:15 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-10-05 19:25 - 2013-10-05 18:20 - 00000000 ____D C:\Program Files (x86)\FirstRowSportApp.com
2013-10-05 18:26 - 2013-01-23 09:32 - 00003583 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-10-05 18:24 - 2013-09-14 21:18 - 00000000 ____D C:\SG Interactive
2013-10-05 18:20 - 2013-10-05 18:20 - 00000000 ____D C:\Program Files (x86)\FreeHDSport.TV
2013-10-05 14:36 - 2013-10-05 14:34 - 00000000 ____D C:\Users\Panti\Documents\PCSX2
2013-10-05 13:52 - 2012-11-29 16:29 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-10-05 13:52 - 2012-11-29 16:29 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-03 20:27 - 2012-11-28 21:59 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Skype
2013-10-03 16:50 - 2013-10-03 16:49 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-10-03 16:49 - 2013-10-03 16:49 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-10-03 11:03 - 2013-10-03 11:03 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MADFINGER Games
2013-10-03 11:02 - 2013-10-03 11:02 - 00000000 ____D C:\Program Files (x86)\MADFINGER Games
2013-10-02 20:15 - 2013-10-02 20:12 - 00000000 ____D C:\Users\Panti\AppData\Roaming\smc
2013-10-02 20:11 - 2013-10-02 20:10 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-10-02 20:10 - 2013-10-02 20:10 - 00000000 ____D C:\Program Files (x86)\Secret Maryo Chronicles
2013-10-02 07:14 - 2013-04-09 08:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-01 22:17 - 2012-11-28 20:14 - 00000000 ____D C:\Users\Panti\AppData\Local\Mozilla
2013-10-01 22:15 - 2013-10-01 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 20:10 - 2013-10-01 19:27 - 00000000 ____D C:\Program Files (x86)\Obscure
2013-10-01 18:19 - 2013-10-01 18:19 - 00000000 __SHD C:\ProgramData\SecuROM
2013-10-01 18:08 - 2013-10-01 18:08 - 00000000 ____D C:\Program Files (x86)\2K Games
2013-10-01 17:41 - 2013-07-31 12:13 - 00000000 ____D C:\Users\Panti\Documents\My Games
2013-10-01 17:26 - 2013-10-01 17:26 - 00000000 ____D C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2013-09-30 21:12 - 2012-12-28 21:22 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-29 16:26 - 2013-09-24 13:48 - 00000766 _____ C:\Windows\CoD.INI
2013-09-28 17:40 - 2013-09-28 17:36 - 00000000 ____D C:\Users\Panti\AppData\Local\Origin
2013-09-28 17:40 - 2012-12-08 09:39 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Origin
2013-09-28 17:40 - 2012-12-08 09:36 - 00000000 ____D C:\ProgramData\Origin
2013-09-28 17:39 - 2013-09-28 07:26 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-28 07:26 - 2013-01-07 12:20 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-09-28 07:26 - 2013-01-07 12:20 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-09-27 17:46 - 2013-09-27 17:46 - 00000000 ____D C:\Users\Panti\Documents\Electronic Arts
2013-09-27 16:29 - 2013-09-13 18:05 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-27 16:26 - 2012-11-28 23:53 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion
2013-09-27 12:43 - 2013-09-27 12:43 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-09-26 19:12 - 2012-12-08 11:08 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-26 19:11 - 2012-12-08 11:08 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-26 19:11 - 2012-12-08 11:08 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-26 09:18 - 2013-09-24 13:50 - 00000000 ____D C:\Program Files (x86)\Call of Duty
2013-09-25 14:55 - 2013-01-10 13:36 - 00002201 _____ C:\Users\UpdatusUser\Desktop\Ubisoft Product Registration.lnk
2013-09-25 14:49 - 2013-09-24 15:43 - 00000000 ____D C:\Program Files (x86)\Ubi Soft
2013-09-24 15:47 - 2013-09-24 15:47 - 00002166 _____ C:\Users\UpdatusUser\Desktop\Ubi Soft Product Registration.lnk
2013-09-24 14:08 - 2013-09-24 14:08 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
2013-09-24 14:08 - 2013-01-04 17:39 - 00000950 _____ C:\Users\UpdatusUser\Desktop\Call of Duty Mehrspieler.lnk
2013-09-24 14:08 - 2013-01-04 17:39 - 00000950 _____ C:\Users\UpdatusUser\Desktop\Call of Duty Einzelspieler.lnk
2013-09-24 12:58 - 2013-09-24 12:58 - 00000000 ____D C:\Users\Panti\AppData\Local\Wicked_Interactive_LTD
2013-09-23 21:18 - 2013-09-12 17:56 - 00000000 _____ C:\dfu.log
2013-09-23 21:17 - 2013-02-16 11:30 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-09-23 20:10 - 2013-09-23 20:10 - 00000845 _____ C:\Users\UpdatusUser\Desktop\Crossfire Europe.lnk
2013-09-23 19:43 - 2013-09-15 00:05 - 00000000 ____D C:\CFLog
2013-09-23 19:17 - 2012-12-08 00:25 - 00000000 ____D C:\ProgramData\PMB Files
2013-09-23 18:46 - 2013-09-14 12:24 - 00000000 ____D C:\Program Files (x86)\ACR
2013-09-23 13:40 - 2013-09-23 13:36 - 00000000 ____D C:\Counter-Strike 2D
2013-09-23 12:20 - 2011-04-12 09:43 - 00707088 _____ C:\Windows\system32\perfh007.dat
2013-09-23 12:20 - 2011-04-12 09:43 - 00152680 _____ C:\Windows\system32\perfc007.dat
2013-09-23 12:20 - 2009-07-14 07:13 - 01641292 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-23 11:51 - 2012-12-28 13:42 - 00000000 ____D C:\Users\Panti\AppData\Local\CSO
2013-09-23 11:40 - 2012-11-28 22:26 - 00000000 ____D C:\Users\Panti\AppData\Local\Akamai
2013-09-23 11:36 - 2013-09-23 11:36 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IAHGames
2013-09-20 11:17 - 2012-12-29 14:38 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-09-20 11:17 - 2012-12-29 12:49 - 00000000 ____D C:\Program Files (x86)\AVA-DE
2013-09-19 22:54 - 2012-11-28 21:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 22:54 - 2012-11-28 21:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-19 22:54 - 2012-11-28 21:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 19:22 - 2013-09-19 19:22 - 00000000 ___HD C:\Users\Panti\Documents\Freemake_do_not_remove_this_folder635152153343906000
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP56D2.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP53A4.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP38E1.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP3526.tmp
2013-09-19 16:41 - 2013-09-19 16:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5A4F.tmp
2013-09-19 16:41 - 2013-09-19 16:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5618.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPEB90.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPEB00.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPB33B.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPB24E.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4F35.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4E68.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPD1A1.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPCF6D.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPC404.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPC23D.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP911C.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP90BC.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP2A71.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP2A00.tmp
2013-09-19 16:37 - 2013-09-19 16:37 - 00000000 _____ C:\Windows\SysWOW64\FAPE953.tmp
2013-09-19 16:37 - 2013-09-19 16:37 - 00000000 _____ C:\Windows\SysWOW64\FAPE885.tmp
2013-09-19 14:22 - 2013-09-19 13:10 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MgameEU
2013-09-19 12:00 - 2013-09-19 12:00 - 00000000 ____D C:\Users\Panti\AppData\Roaming\FEAR-Community.org
2013-09-19 11:03 - 2012-12-06 11:21 - 00000000 ____D C:\Users\Panti\AppData\Roaming\DesktopIconForAmazon
2013-09-19 10:02 - 2012-12-06 11:21 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Opera
2013-09-18 21:48 - 2013-09-18 21:40 - 00004096 _____ C:\Users\Public\Documents\00001119.LCS
2013-09-18 21:39 - 2013-09-18 21:39 - 00000000 ____D C:\Users\Panti\AppData\Roaming\ProtectDisc
2013-09-18 10:47 - 2013-09-18 10:32 - 00000000 ____D C:\Users\Panti\AppData\Local\Oblivion
2013-09-18 10:34 - 2013-09-18 10:34 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-09-18 10:32 - 2013-09-18 10:32 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2013-09-17 09:55 - 2013-09-17 09:54 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-15 19:21 - 2013-09-15 19:21 - 00000000 ____D C:\Users\Panti\Documents\Firefall
2013-09-15 19:21 - 2013-09-15 19:21 - 00000000 ____D C:\Users\Panti\AppData\Local\Red 5 Studios
2013-09-15 16:04 - 2013-09-15 16:04 - 00000000 ____D C:\Program Files (x86)\Red 5 Studios
2013-09-15 14:40 - 2013-09-15 13:40 - 00000000 ____D C:\Program Files (x86)\MicroVolts
2013-09-15 13:53 - 2013-09-15 13:53 - 00000000 ____D C:\Users\Panti\AppData\Roaming\library_dir
2013-09-14 21:42 - 2013-09-14 21:42 - 00000000 ____D C:\Windows\pss
2013-09-14 21:42 - 2012-11-28 20:07 - 00000000 ___RD C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-14 20:10 - 2012-11-29 19:57 - 00000000 ____D C:\Download
2013-09-14 15:25 - 2012-12-08 01:24 - 00001107 _____ C:\Users\UpdatusUser\Desktop\BlackShot.lnk
2013-09-14 12:35 - 2013-09-14 12:35 - 00000000 ____D C:\Users\Panti\Documents\ACR
2013-09-14 10:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-13 22:46 - 2013-07-22 15:34 - 00000000 ____D C:\Nexon
2013-09-13 17:45 - 2012-11-28 20:06 - 00000000 ____D C:\Users\Panti
2013-09-13 16:41 - 2012-12-08 14:23 - 00283032 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-09-12 17:56 - 2012-11-28 19:58 - 00000000 ____D C:\Windows\Panther
2013-09-12 10:58 - 2013-10-07 22:13 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-12 10:58 - 2013-10-07 22:13 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-12 10:58 - 2013-02-19 22:32 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-12 10:58 - 2013-02-19 22:32 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-12 10:58 - 2013-02-19 22:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-12 10:58 - 2012-11-29 16:44 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-09-12 10:58 - 2012-11-29 16:44 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-09-12 10:58 - 2012-11-29 16:43 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-12 09:25 - 2012-11-29 16:45 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-12 09:25 - 2012-11-29 16:45 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25 - 2012-11-29 16:45 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-12 09:25 - 2012-11-29 16:45 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25 - 2012-11-29 16:45 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-12 09:25 - 2012-11-29 16:45 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-12 00:06 - 2013-10-07 16:53 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-11 09:14 - 2012-11-28 20:07 - 00000000 ___RD C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 09:12 - 2009-07-14 06:45 - 00285696 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 09:08 - 2013-09-03 22:44 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 09:02 - 2012-11-29 13:01 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 09:50 - 2013-09-09 09:48 - 00000000 ____D C:\Users\Panti\AppData\Local\DownloadGuide
2013-09-09 09:49 - 2012-11-28 20:08 - 00001425 _____ C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-09 09:33 - 2013-09-09 09:33 - 00000000 ____D C:\Users\Panti\.thumb
2013-09-09 07:39 - 2013-06-21 13:47 - 00000000 ____D C:\Program Files\CCleaner
2013-09-08 23:36 - 2012-12-12 21:25 - 00015360 ____H C:\Users\Panti\Desktop\photothumb.db

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\Panti\jagex_cl_runescape_LIVE.dat
C:\Users\Panti\jagex_cl_runescape_LIVE1.dat
C:\Users\Panti\random.dat


Some content of TEMP:
====================
C:\Users\Panti\AppData\Local\Temp\CleanSchedule.exe
C:\Users\Panti\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Panti\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Panti\AppData\Local\Temp\SHSetup.exe
C:\Users\Panti\AppData\Local\Temp\Uninstaller-2264.exe
C:\Users\Panti\AppData\Local\Temp\Uninstaller-4160.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-01 08:26

==================== End Of Log ============================

--- --- ---

Pantherchen · 08.10.2013, 12:18

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Panti at 2013-10-08 13:14:18
Running from C:\Users\Panti\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI - Deutsch (x32 Version: 11.0.00)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Aeria Ignite (x32 Version: 1.13.3296)
Akamai NetSession Interface (HKCU)
Akamai NetSession Interface (x32)
Alliance of Valiant Arms (x32)
Allods Online 4.0.02.43 (x32 Version: 4.0.02.43)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Arc (x32 Version: 1.0.0.5510)
Ashampoo Photo Commander 9 v.9.4.3 (x32 Version: 9.4.3)
Avanquest update (x32 Version: 1.31)
AVG Security Toolbar (x32 Version: 15.2.0.5)
Bandisoft MPEG-1 Decoder (x32)
Borderlands (x32 Version: 1.0.295)
Call of Duty (x32)
CCleaner (Version: 4.05)
CDBurnerXP (x32 Version: 4.5.1.3868)
COMPUTERBILD-Abzockschutz (x32 Version: 1.0.49)
D3DX10 (x32 Version: 15.4.2368.0902)
DEUTSCHLAND SPIELT GAME CENTER (x32)
Die Sims™ 3 (x32 Version: 1.57.62)
Dino Storm (HKCU Version: 12345.0.0.0)
DivX-Setup (x32 Version: 2.6.1.22)
Dual-Core Optimizer (x32 Version: 1.1.4.0169)
EXPERTool v8.9 (x32 Version: 8.9.5.0)
Fable - The Lost Chapters (x32 Version: 1.00.0000)
Far Cry (OEM) (x32 Version: 1.00.0000)
FireJump (x32 Version: 1.0.2.5)
FormatFactory 3.0.1 (x32 Version: 3.0.1)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free Realms (HKCU)
Freemake Music Box (x32 Version: 0.9.7)
Freemake Video Converter Version 3.1.2 (x32 Version: 3.1.2)
Freemake Video Downloader (x32 Version: 3.5.2)
Gameforge Live 1.8.0 "Legend" (x32 Version: 1.8.0)
GameShadow (x32 Version: 2.01.0000)
GeForce Experience NvStream Client Components (Version: 0.1.87)
GIMP 2.8.4 (Version: 2.8.4)
G'MIC for GIMP Version 1.5.6.1 (x32 Version: 1.5.6.1)
Google Update Helper (x32 Version: 1.3.23.0)
Hercules HD Emotion (x32 Version: 4.0.2.1)
Hercules Webcam Station Evolution (x32 Version: 4.0.2.6)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 3.0.0.021)
HTC Sync (x32 Version: 3.2.20)
Java 7 Update 13 (64-bit) (Version: 7.0.130)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Kalydo Player 5.08.00 (HKCU Version: 5.08.00)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190)
Kingsoft Office 2012 (8.1.0.3333) (x32 Version: 8.1.0.3333)
K-Lite Codec Pack 9.5.0 (Full) (x32 Version: 9.5.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft Xbox 360 Accessories 1.1 (Version: 1.10.123.0)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Need For Speed™ World (x32 Version: 1.0.0.1229)
Nero 7 Demo (x32 Version: 7.00.2739)
Nexon Game Manager (x32)
NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
Obscure (x32 Version: 1.00.0000)
OpenAL (x32)
Origin (x32 Version: 9.2.1.4399)
Pando Media Booster (x32 Version: 2.6.0.8)
Pandora Service (x32)
PDF-Viewer (Version: 2.5.207.0)
Photo Gallery (x32 Version: 16.4.3505.0912)
PhotoScape (x32)
Picasa 3 (x32 Version: 3.9)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Pokémon Trading Card Game Online (x32 Version: 1.0.0)
Project64 1.6 (x32 Version: 1.6)
PunkBuster Services (x32 Version: 0.990)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Reimage Protector
SearchAnonymizer (Version: 1.0.1 (de))
Secret Maryo Chronicles (x32 Version: 1.9)
Shadowgun: DeadZone (x32 Version: 2.0.1)
SHIELD Streaming (Version: 1.05.28)
ShotOnline (x32 Version: 1.0)
Skype™ 6.7 (x32 Version: 6.7.102)
Sony PC Companion 2.10.165 (x32 Version: 2.10.165)
Spiral Knights (x32)
Steam (x32 Version: 1.0.0.0)
SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54 (x32 Version: v2012.build.54)
swMSM (x32 Version: 12.0.0.1)
System Requirements Lab CYRI (x32 Version: 6.0.7.0)
TeamSpeak 3 Client (HKCU Version: 3.0.10.1)
TeamViewer 8 (x32 Version: 8.0.16447)
The KMPlayer (remove only) (x32 Version: 3.4.0.59)
Torchlight II (x32)
UltraBrowser a9699 (x32)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Vindictus EU (x32)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.7 (x32 Version: 2.0.7)
Warframe (x32 Version: 1.0.0)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
Windows Utils (x32)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Wizard101(DE) (HKCU)
Yahoo! Detect (x32)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {105C1330-4884-479A-9BB0-A2DBAE0DCBF1} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {12EDF52D-2B57-42E8-9F1D-390D46DA617C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {1DD67045-EC04-4539-AD1A-6950E3DF6E58} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {35B9714F-50BD-4FC5-9865-016E945B8011} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3C25F988-1C58-4193-ABBB-16A12433B1C7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {43CFFD60-F0B9-438D-B886-201C309A6EB9} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {50AC7DA6-B8A4-4946-B07A-E0080C0E6779} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)
Task: {5BC53EA3-34C0-4D7F-9D1C-2D48D08F06F2} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe
Task: {705CBE7F-B005-4B7C-8791-1604B0D961B6} - System32\Tasks\DSite => C:\Users\Panti\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: {747A63A4-D88D-410A-BBC3-FC0E826F333E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {76B6623B-E1D2-41F2-AB9E-559D3E3D19B1} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3609988531-2309053988-1203174479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {8330703B-DDA1-4D8F-8FF9-344E6E4908E2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3609988531-2309053988-1203174479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {83F59093-ED97-470E-AB1D-BD40FAE803E2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3609988531-2309053988-1203174479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {96F43D98-A158-4CA3-8BCC-66F7602FE630} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {975B7D05-8F1D-4ECA-B74D-321593580621} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe
Task: {A2B00D73-DF6C-443C-B6D4-C22E94DC5D93} - System32\Tasks\DealPly => C:\Users\Panti\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE
Task: {A613B2DE-5CB7-4834-803A-28CCAC8D12C2} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [2007-09-26] (Microsoft Corporation)
Task: {B330187B-121D-474E-B3A6-19568094C08B} - System32\Tasks\Updater21810.exe => C:\Users\Panti\AppData\Local\Updater21810\Updater21810.exe [2013-01-06] (FileProperties_CompanyName)
Task: {C93571DD-90D1-47F5-8771-34A9EC9B779B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {DF8B502D-DE89-4BCF-909A-192DED27FB87} - System32\Tasks\{C4081544-C8B6-4464-9CAF-820D662CD7CF} => C:\Program Files (x86)\8BallClub\GameDirector.exe
Task: {EC14AD2F-4DAB-4102-BE0F-99C0BA63A35A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {F382C6BC-38B1-452C-9F50-7003CA1F39A2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3609988531-2309053988-1203174479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {FA11ED50-F606-43C1-A165-8316B05CB8A9} - System32\Tasks\WpsUpdateTask_Panti => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-03] (Zhuhai Kingsoft Office-software Co.,Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Panti\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\WpsUpdateTask_Panti.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-29 16:45 - 2013-09-12 09:25 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-17 21:39 - 2013-06-16 10:22 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-11-28 22:14 - 2012-10-22 12:15 - 01277952 ____N () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2012-11-28 22:14 - 2012-07-09 18:57 - 02090496 ____N () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2012-11-28 22:14 - 2011-12-06 17:19 - 00133632 ____N () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2012-11-28 22:14 - 2012-03-23 11:07 - 00224768 ____N () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2013-10-01 22:15 - 2013-10-01 22:15 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-05-22 16:11 - 2013-05-22 16:11 - 00020024 _____ () C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\Internet Explorer\BandObjectsLib.dll
2013-02-14 11:12 - 2013-02-14 11:14 - 00138752 _____ () C:\ProgramData\DNSErrorHelper\bho.dll
2013-09-11 14:38 - 2013-09-11 14:38 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Panti:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Panti\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Panti\Cookies:gs5sys
AlternateDataStreams: C:\Users\Panti\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\Panti\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Panti\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Panti\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Panti\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Panti\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Panti\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\Panti\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2013 00:41:55 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (10/08/2013 09:49:50 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16686, Zeitstempel: 0x52058cf0
Name des fehlerhaften Moduls: jscript9.dll, Version: 10.0.9200.16686, Zeitstempel: 0x5205977a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003fae7
ID des fehlerhaften Prozesses: 0x158c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (10/08/2013 09:44:06 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (10/08/2013 09:15:37 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 24.0.0.5001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6e4

Startzeit: 01cec3f5e89b8080

Endzeit: 49

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 5a87ceb1-2fe9-11e3-8d2b-485b3960e811

Error: (10/08/2013 08:58:02 AM) (Source: Application Hang) (User: )
Description: Programm mbam-setup-1.75.0.1300.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18e0

Startzeit: 01cec3f344048ff0

Endzeit: 2

Anwendungspfad: C:\Users\Panti\AppData\Local\Temp\is-MP8A2.tmp\mbam-setup-1.75.0.1300.tmp

Berichts-ID:

Error: (10/08/2013 08:41:08 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (10/08/2013 08:40:26 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/08/2013 08:40:26 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/08/2013 08:40:26 AM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/08/2013 08:40:26 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)


System errors:
=============
Error: (10/08/2013 00:41:15 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (10/08/2013 00:40:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/08/2013 00:40:03 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (10/08/2013 09:43:18 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (10/08/2013 09:42:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/08/2013 09:42:13 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (10/08/2013 08:40:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/08/2013 08:40:46 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (10/08/2013 08:40:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/08/2013 08:40:35 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.


Microsoft Office Sessions:
=========================
Error: (10/08/2013 00:41:55 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2013 09:49:50 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0jscript9.dll10.0.9200.166865205977ac00000050003fae7158c01cec3fa36202640C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\jscript9.dll35927740-2fee-11e3-8ab9-485b3960e811

Error: (10/08/2013 09:44:06 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2013 09:15:37 AM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.50016e401cec3f5e89b808049C:\Program Files (x86)\Mozilla Firefox\firefox.exe5a87ceb1-2fe9-11e3-8d2b-485b3960e811

Error: (10/08/2013 08:58:02 AM) (Source: Application Hang)(User: )
Description: mbam-setup-1.75.0.1300.tmp51.52.0.018e001cec3f344048ff02C:\Users\Panti\AppData\Local\Temp\is-MP8A2.tmp\mbam-setup-1.75.0.1300.tmp

Error: (10/08/2013 08:41:08 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2013 08:40:26 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/08/2013 08:40:26 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/08/2013 08:40:26 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/08/2013 08:40:26 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer


CodeIntegrity Errors:
===================================
  Date: 2013-10-08 11:27:20.127
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-08 11:27:20.125
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-08 11:27:20.119
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-08 10:34:06.010
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-08 10:34:06.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-08 10:34:06.006
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-07 11:20:45.614
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-07 11:20:45.612
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-07 11:20:45.610
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-07 11:20:45.593
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 3071.29 MB
Available physical RAM: 1215.94 MB
Total Pagefile: 6140.76 MB
Available Pagefile: 3863.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.75 GB) (Free:286.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (BORDERLANDS_DEU) (CDROM) (Total:6.09 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 07530752)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

aharonov · 08.10.2013, 12:42

Ok.

Schritt 1

Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
Suche und deinstalliere dort der Reihe nach folgende Einträge:
- AVG Security Toolbar
- Reimage Protector
- SearchAnonymizer
- Windows Utils
Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.

Schritt 2

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Schritt 4

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Pantherchen · 08.10.2013, 13:21

aber das AVG Security Toolbar kann ich nicht Deinstalieren öffnet sich nicht

aharonov · 08.10.2013, 13:23

Ok, dann mach einfach mit dem nächsten weiter.

Pantherchen · 08.10.2013, 14:14

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.006 - Bericht erstellt am 08/10/2013 um 14:44:37
# Updated 01/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Panti - PANTI-PC
# Gestartet von : C:\Users\Panti\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : AddonsHelper

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\DSearchLink
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\CoolLyrics
Ordner Gelöscht : C:\Program Files (x86)\DealPly
Ordner Gelöscht : C:\Program Files (x86)\Giant Savings Extension
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup 
Ordner Gelöscht : C:\Program Files (x86)\Omiga Plus
Ordner Gelöscht : C:\Program Files (x86)\StartNow Toolbar
Ordner Gelöscht : C:\Program Files (x86)\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\spigot
Ordner Gelöscht : C:\Users\Panti\AppData\Local\apn
Ordner Gelöscht : C:\Users\Panti\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Panti\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Panti\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Panti\AppData\Local\Giant Savings Extension
Ordner Gelöscht : C:\Users\Panti\AppData\Local\Mail.Ru
Ordner Gelöscht : C:\Users\Panti\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Panti\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Panti\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Panti\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Panti\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\DataMgr
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\eIntaller
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\fbDownloader
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\HELPER
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\Omiga Plus
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\SSync
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\0kreotmv.default\jetpack
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\120
Ordner Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Panti\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\Panti\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\\invalidprefs.js
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\0kreotmv.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\0kreotmv.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\0kreotmv.default\user.js
Datei Gelöscht : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\user.js
Datei Gelöscht : C:\Windows\Tasks\Dealply.job
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\System32\Tasks\DSite
Datei Gelöscht : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
Datei Gelöscht : C:\Windows\System32\Tasks\QtraxPlayer

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{77BEC163-D389-42c1-91A4-C758846296A5}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [firejump@firejump.net]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension-InternalInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension-InternalInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKCU\Software\868cd1b43dbf12
Schlüssel Gelöscht : HKLM\SOFTWARE\868cd1b43dbf12
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3298566
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_gta-iv-san-andreas_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_gta-iv-san-andreas_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_need-for-speed-underground_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_need-for-speed-underground_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_real-pool_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_real-pool_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vindictus_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vindictus_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_age-of-conan-unchained_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_age-of-conan-unchained_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_carom3d_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_carom3d_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-online-2_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-online-2_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_google-chrome_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_google-chrome_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_kmplayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_kmplayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_operation7_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_operation7_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_pokemon-revolution_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_pokemon-revolution_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_pokemon-world-online_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_pokemon-world-online_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_pool-sharks_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_pool-sharks_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_summoning-wars_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_summoning-wars_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Wert Gelöscht : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\smartbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\V9
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\Zugo
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Giant Savings Extension
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-2.3
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\smartbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\TubeSaver
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\omigaplusSvc
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\StartNow Toolbar
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\Video downloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Video downloader

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Restore]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\0kreotmv.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("wtb6787.homepage", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4");
Zeile gelöscht : user_pref("wtb6787.newtab", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4");

[ Datei : C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\prefs.js ]

Zeile gelöscht : user_pref("CT3298566.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3298566.UserID", "UN14193273552257016");
Zeile gelöscht : user_pref("CT3298566.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3298566.fullUserID", "UN14193273552257016.IN.20130827184452");
Zeile gelöscht : user_pref("CT3298566.installDate", "27/08/2013 18:44:59");
Zeile gelöscht : user_pref("CT3298566.installSessionId", "{080F067A-383A-40CE-81DE-D7E40F867245}");
Zeile gelöscht : user_pref("CT3298566.installSp", "TRUE");
Zeile gelöscht : user_pref("CT3298566.installerVersion", "1.6.1.2");
Zeile gelöscht : user_pref("CT3298566.keyword", "true");
Zeile gelöscht : user_pref("CT3298566.originalSearchAddressUrl", "");
Zeile gelöscht : user_pref("CT3298566.originalSearchEngine", "");
Zeile gelöscht : user_pref("CT3298566.originalSearchEngineName", "");
Zeile gelöscht : user_pref("CT3298566.searchRevert", "false");
Zeile gelöscht : user_pref("CT3298566.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3298566.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3298566.versionFromInstaller", "10.19.2.5");
Zeile gelöscht : user_pref("CT3298566.xpeMode", "0");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3298566&octid=CT3298566&SearchSource=61&CUI=UN14193273552257016&UM=2&UP=SP73FA902B-1A15-42C7-9D42-9D52650050BD");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Zeile gelöscht : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.2.0.5");
Zeile gelöscht : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "MixiDJ V30 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&CUI=UN14193273552257016&UM=2&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.backgroundjs", "\n\n/*****************************************************************************[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.internaldb.cache/d9fe5d2850f1ed167451b193e8bd0e0c_DE.value", "%22var%20cat_d9fe5d2850f1ed167451b19[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.js", "\n\n  /************************************************************************************\[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a};}()var [...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Zeile gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.33426.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.backgroundjs", "\n\n/*****************************************************************************[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.js", "\n\n  /************************************************************************************\[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a};}()var [...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13fce590bf42868b8e387e0745968d1b");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "c0b801cc000000000000485b3960e811");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15967");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.610:04:17");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119828&tsp=5010");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.mysearchdial.aflt", "solimmsd");
Zeile gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Zeile gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyCtD0EzztCtCtDtC0C0CtN0D0Tzu0CyDtAyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q");
Zeile gelöscht : user_pref("extensions.mysearchdial.cr", "2050220089");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyCtD0EzztCtCtDtC0C0CtN0D0Tzu0CyDtAyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.id", "485B3960E81101CC");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlDay", "15875");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlRef", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyCtD0EzztCtCtDtC0C0CtN0D0Tzu0CyDtAyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzyyCtD0EzztCtCtDtC0C0CtN0D0Tzu0CyDtAyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsn", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsni", "");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "16:28:32");
Zeile gelöscht : user_pref("extensions.wajam.affiliate_id", "6447");
Zeile gelöscht : user_pref("extensions.wajam.firstrun", "false");
Zeile gelöscht : user_pref("extensions.wajam.log_send_info", "false");
Zeile gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...]
Zeile gelöscht : user_pref("extensions.wajam.no_trace", "false");
Zeile gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Zeile gelöscht : user_pref("extensions.wajam.trace_log", "1374487455974 - processInstallationUpgrade - version set to : 1.26\n1374487455974 - processBrowserLoad - Bad mappingListJsonString: null\n1374487456236 - proce[...]
Zeile gelöscht : user_pref("extensions.wajam.unique_id", "449CFF984065E89E0C808EBA07EDBF69");
Zeile gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0");
Zeile gelöscht : user_pref("extensions.wajam.version", "1.26");
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3298566");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298566&CUI=UN14193273552257016&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3298566&octid=CT3298566&SearchSource[...]
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN14193273552257016&UM=2&q=");
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3298566");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3298566");
Zeile gelöscht : user_pref("smartbar.machineId", "YN0IQIDYVTRP4HKCKTZ/8INFP6RA3HOPSUJKBGXQAONMVAQJWTR4KXER009TURFALL5JQOJX/IWPFGDQKSYBRA");
Zeile gelöscht : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3298566&CUI=UN14193273552257016&UM=2&SearchSource=13");
Zeile gelöscht : user_pref("wtb6787.homepage", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4");
Zeile gelöscht : user_pref("wtb6787.newtab", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4");

*************************

AdwCleaner[R0].txt - [56348 octets] - [08/10/2013 14:43:50]
AdwCleaner[S0].txt - [52198 octets] - [08/10/2013 14:44:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [52259 octets] ##########

--- --- ---

Combofix Logfile:

Code:

ATTFilter

ComboFix 13-10-08.01 - Panti 08.10.2013  14:55:53.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3071.1513 [GMT 2:00]
ausgeführt von:: c:\users\Panti\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\CrashLog_20130923.txt
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-09-08 bis 2013-10-08  ))))))))))))))))))))))))))))))
.
.
2013-10-08 12:42 . 2013-10-08 12:44	--------	d-----w-	C:\AdwCleaner
2013-10-08 07:18 . 2013-10-08 07:19	--------	d-----w-	c:\programdata\CDB
2013-10-08 06:55 . 2013-10-08 06:55	--------	d-----w-	c:\users\Panti\AppData\Roaming\Malwarebytes
2013-10-08 06:55 . 2013-10-08 06:55	--------	d-----w-	c:\programdata\Malwarebytes
2013-10-08 06:51 . 2013-10-08 06:56	--------	d-----w-	c:\windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-08 06:24 . 2013-10-08 06:24	--------	d-----w-	C:\FRST
2013-10-07 21:01 . 2013-10-07 21:12	--------	d-----w-	C:\Perfect World Entertainment
2013-10-07 20:20 . 2013-10-07 20:20	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2013-10-07 20:18 . 2013-10-07 20:19	--------	d-----w-	c:\users\UpdatusUser.Panti-PC
2013-10-07 14:53 . 2013-10-07 14:53	--------	d-----w-	c:\program files (x86)\EXPERTool
2013-10-07 14:53 . 2013-09-11 22:06	3361114	----a-w-	c:\windows\system32\nvcoproc.bin
2013-10-05 16:20 . 2013-10-05 16:20	--------	d-----w-	c:\program files (x86)\FreeHDSport.TV
2013-10-05 16:20 . 2013-10-05 17:25	--------	d-----w-	c:\program files (x86)\FirstRowSportApp.com
2013-10-05 07:08 . 2013-09-05 05:32	9694160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{029DC3F0-C00C-4073-9355-AC79A117B651}\mpengine.dll
2013-10-03 14:49 . 2013-10-03 14:49	40960	----a-r-	c:\users\Panti\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2013-10-03 14:49 . 2013-10-03 14:49	40960	----a-r-	c:\users\Panti\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2013-10-03 14:49 . 2013-10-03 14:50	--------	d-----w-	c:\program files (x86)\Project64 1.6
2013-10-03 09:02 . 2013-10-03 09:02	--------	d-----w-	c:\program files (x86)\MADFINGER Games
2013-10-02 18:12 . 2013-10-02 18:15	--------	d-----w-	c:\users\Panti\AppData\Roaming\smc
2013-10-02 18:10 . 2013-10-02 18:10	--------	d-----w-	c:\program files (x86)\Secret Maryo Chronicles
2013-10-01 17:27 . 2013-10-01 18:10	--------	d-----w-	c:\program files (x86)\Obscure
2013-10-01 16:22 . 2013-10-01 16:22	--------	d-----w-	c:\programdata\Logs
2013-10-01 16:19 . 2013-10-01 16:19	--------	d-sh--w-	c:\programdata\SecuROM
2013-10-01 16:08 . 2013-10-01 16:08	--------	d-----w-	c:\program files (x86)\2K Games
2013-10-01 15:26 . 2013-10-01 15:26	--------	d-----w-	c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2013-09-28 15:36 . 2013-09-28 15:40	--------	d-----w-	c:\users\Panti\AppData\Local\Origin
2013-09-28 05:26 . 2013-09-28 15:39	--------	d-----w-	c:\program files (x86)\Origin
2013-09-27 10:43 . 2013-09-27 10:43	--------	d-----w-	c:\program files (x86)\Microsoft WSE
2013-09-24 13:43 . 2013-09-25 12:49	--------	d-----w-	c:\program files (x86)\Ubi Soft
2013-09-24 11:50 . 2013-09-26 07:18	--------	d-----w-	c:\program files (x86)\Call of Duty
2013-09-24 10:58 . 2013-09-24 10:58	--------	d-----w-	c:\users\Panti\AppData\Local\Wicked_Interactive_LTD
2013-09-23 11:36 . 2013-09-23 11:40	--------	d-----w-	C:\Counter-Strike 2D
2013-09-19 14:42 . 2013-09-19 14:42	0	----a-w-	c:\windows\SysWow64\FAP56D2.tmp
2013-09-19 14:42 . 2013-09-19 14:42	0	----a-w-	c:\windows\SysWow64\FAP53A4.tmp
2013-09-19 14:42 . 2013-09-19 14:42	0	----a-w-	c:\windows\SysWow64\FAP38E1.tmp
2013-09-19 14:42 . 2013-09-19 14:42	0	----a-w-	c:\windows\SysWow64\FAP3526.tmp
2013-09-19 14:41 . 2013-09-19 14:41	0	----a-w-	c:\windows\SysWow64\FAP5A4F.tmp
2013-09-19 14:41 . 2013-09-19 14:41	0	----a-w-	c:\windows\SysWow64\FAP5618.tmp
2013-09-19 14:40 . 2013-09-19 14:40	0	----a-w-	c:\windows\SysWow64\FAPEB90.tmp
2013-09-19 14:40 . 2013-09-19 14:40	0	----a-w-	c:\windows\SysWow64\FAPEB00.tmp
2013-09-19 14:40 . 2013-09-19 14:40	0	----a-w-	c:\windows\SysWow64\FAPB33B.tmp
2013-09-19 14:40 . 2013-09-19 14:40	0	----a-w-	c:\windows\SysWow64\FAPB24E.tmp
2013-09-19 14:40 . 2013-09-19 14:40	0	----a-w-	c:\windows\SysWow64\FAP4F35.tmp
2013-09-19 14:40 . 2013-09-19 14:40	0	----a-w-	c:\windows\SysWow64\FAP4E68.tmp
2013-09-19 14:38 . 2013-09-19 14:38	0	----a-w-	c:\windows\SysWow64\FAP2A71.tmp
2013-09-19 14:38 . 2013-09-19 14:38	0	----a-w-	c:\windows\SysWow64\FAP2A00.tmp
2013-09-19 14:38 . 2013-09-19 14:38	0	----a-w-	c:\windows\SysWow64\FAPD1A1.tmp
2013-09-19 14:38 . 2013-09-19 14:38	0	----a-w-	c:\windows\SysWow64\FAPCF6D.tmp
2013-09-19 14:38 . 2013-09-19 14:38	0	----a-w-	c:\windows\SysWow64\FAPC404.tmp
2013-09-19 14:38 . 2013-09-19 14:38	0	----a-w-	c:\windows\SysWow64\FAPC23D.tmp
2013-09-19 14:38 . 2013-09-19 14:38	0	----a-w-	c:\windows\SysWow64\FAP911C.tmp
2013-09-19 14:38 . 2013-09-19 14:38	0	----a-w-	c:\windows\SysWow64\FAP90BC.tmp
2013-09-19 14:37 . 2013-09-19 14:37	0	----a-w-	c:\windows\SysWow64\FAPE953.tmp
2013-09-19 14:37 . 2013-09-19 14:37	0	----a-w-	c:\windows\SysWow64\FAPE885.tmp
2013-09-19 10:00 . 2013-09-19 10:00	--------	d-----w-	c:\users\Panti\AppData\Roaming\FEAR-Community.org
2013-09-18 19:39 . 2013-09-18 19:39	--------	d-----w-	c:\users\Panti\AppData\Roaming\ProtectDisc
2013-09-18 08:34 . 2013-09-18 08:34	--------	d-----w-	c:\program files (x86)\Bethesda Softworks
2013-09-18 08:33 . 2005-04-03 21:00	63488	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2013-09-18 08:33 . 2005-04-03 21:02	753664	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-09-18 08:33 . 2005-04-03 21:02	69714	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-09-18 08:33 . 2005-04-03 21:01	274432	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-09-18 08:33 . 2005-04-03 21:00	184320	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-09-18 08:33 . 2005-04-03 20:59	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-09-18 08:33 . 2013-09-18 08:33	331908	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-09-18 08:33 . 2013-09-18 08:33	200836	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-09-18 08:32 . 2013-09-18 08:32	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2013-09-18 08:32 . 2013-09-18 08:47	--------	d-----w-	c:\users\Panti\AppData\Local\Oblivion
2013-09-17 07:54 . 2013-09-17 07:55	--------	d-----w-	c:\programdata\Package Cache
2013-09-15 17:21 . 2013-09-15 17:21	--------	d-----w-	c:\users\Panti\AppData\Local\Red 5 Studios
2013-09-15 14:04 . 2013-09-15 14:04	--------	d-----w-	c:\program files (x86)\Red 5 Studios
2013-09-15 11:53 . 2013-09-15 11:53	--------	d-----w-	c:\users\Panti\AppData\Roaming\library_dir
2013-09-15 11:40 . 2013-09-15 12:40	--------	d---a-w-	c:\program files (x86)\MicroVolts
2013-09-14 19:18 . 2013-10-05 16:24	--------	d-----w-	C:\SG Interactive
2013-09-14 10:24 . 2013-09-23 16:46	--------	d-----w-	c:\program files (x86)\ACR
2013-09-13 15:45 . 2013-10-08 05:31	--------	d-----w-	c:\program files (x86)\Steam
2013-09-11 23:17 . 2013-09-11 23:17	571168	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-09-11 06:04 . 2013-08-05 02:25	155584	----a-w-	c:\windows\system32\drivers\ataport.sys
2013-09-11 06:03 . 2013-07-26 02:24	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-09-09 07:49 . 2013-08-13 06:38	32328	----a-w-	c:\windows\Launcher.exe
2013-09-09 07:33 . 2013-09-09 07:33	--------	d-----w-	c:\users\Panti\.thumb
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-26 17:12 . 2012-12-08 09:08	189248	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-09-26 17:11 . 2012-12-08 09:08	189248	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-09-26 17:11 . 2012-12-08 09:08	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-09-19 20:54 . 2012-11-28 19:15	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-19 20:54 . 2012-11-28 19:15	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-13 14:41 . 2012-12-08 12:23	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-09-12 08:58 . 2013-02-19 20:32	2986672	----a-w-	c:\windows\system32\nvapi64.dll
2013-09-12 08:58 . 2013-02-19 20:32	1412832	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-09-12 08:58 . 2013-02-19 20:32	15901448	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-09-12 08:58 . 2012-11-29 14:44	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-09-12 08:58 . 2012-11-29 14:44	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-09-12 07:25 . 2012-11-29 14:45	6599968	----a-w-	c:\windows\system32\nvcpl.dll
2013-09-12 07:25 . 2012-11-29 14:45	3452192	----a-w-	c:\windows\system32\nvsvc64.dll
2013-09-12 07:25 . 2012-11-29 14:45	920864	----a-w-	c:\windows\system32\nvvsvc.exe
2013-09-12 07:25 . 2012-11-29 14:45	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-09-12 07:25 . 2012-11-29 14:45	2559776	----a-w-	c:\windows\system32\nvsvcr.dll
2013-09-12 07:25 . 2012-11-29 14:45	219424	----a-w-	c:\windows\system32\nvmctray.dll
2013-09-11 07:02 . 2012-11-29 11:01	79143768	----a-w-	c:\windows\system32\MRT.exe
2013-08-16 12:05 . 2013-07-04 10:46	431104	----a-w-	c:\windows\system32\wrap_oal.dll
2013-08-16 12:05 . 2013-07-04 10:46	116736	----a-w-	c:\windows\system32\OpenAL32.dll
2013-08-16 12:05 . 2013-01-23 18:34	86016	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2013-08-16 12:05 . 2013-01-23 18:34	413696	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2013-08-14 16:33 . 2012-11-29 17:56	235	----a-w-	c:\windows\SysWow64\nxEuUninstall.bat
2013-08-14 16:33 . 2013-07-22 13:34	446464	----a-w-	c:\windows\NEXON_EU_DownloaderUpdater.exe
2013-08-07 02:22 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-11 06:04	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-09-03 09:08	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-09-03 09:08	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-09-03 09:09	2048	----a-w-	c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-09-03 09:09	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2006-05-03 10:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 23:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9B6B03F1-16CF-4491-BBBB-E872802DD717}]
2013-02-14 09:14	138752	----a-w-	c:\programdata\DNSErrorHelper\bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
2010-11-21 03:24	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-24 10:28	220632	----a-w-	c:\users\Panti\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-24 10:28	220632	----a-w-	c:\users\Panti\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-24 10:28	220632	----a-w-	c:\users\Panti\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-12-07 3093624]
"Akamai NetSession Interface"="c:\users\Panti\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2013-06-16 356376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 4game-service;4game-service;c:\program files (x86)\4game\4game-service.exe;c:\program files (x86)\4game\4game-service.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 cpuz134;cpuz134;c:\users\Panti\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Panti\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys;c:\windows\SYSNATIVE\DRIVERS\Ph3xIB64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va014;X6va014;c:\windows\SysWOW64\Drivers\X6va014;c:\windows\SysWOW64\Drivers\X6va014 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
R4 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 DCamUSBNovatek;USB2.0 HD UVC Camera;c:\windows\system32\Drivers\nvtcam.sys;c:\windows\SYSNATIVE\Drivers\nvtcam.sys [x]
S3 guillflt;Guillemot Audio Lower Filter;c:\windows\system32\DRIVERS\guillflt.sys;c:\windows\SYSNATIVE\DRIVERS\guillflt.sys [x]
S3 hxctlflt;hxctlflt;c:\windows\system32\Drivers\hxctlflt.sys;c:\windows\SYSNATIVE\Drivers\hxctlflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-28 20:54]
.
2013-10-08 c:\windows\Tasks\WpsUpdateTask_Panti.job
- c:\program files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-03 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-24 10:28	244696	----a-w-	c:\users\Panti\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-24 10:28	244696	----a-w-	c:\users\Panti\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-24 10:28	244696	----a-w-	c:\users\Panti\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Mit Mipony herunterladen - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
Trusted Zone: 4game.com
Trusted Zone: aeriagames.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\
FF - prefs.js: browser.startup.homepage - chrome://fvd.speeddial/content/fvd_about_blank.html
FF - ExtSQL: 2013-09-28 19:13; {000F1EA4-5E08-4564-A29B-29076F63A37A}; c:\users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
.
.
------- Dateityp-Verknüpfung -------
.
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Akamai - c:\program files (x86)\Common Files\Akamai\uninstall.exe
AddRemove-BandiMPEG1 - c:\program files (x86)\BandiMPEG1\uninstall.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\program files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\EA Games\Battlefield Heroes\pbsvc_heroes.exe
AddRemove-UltraBrowser a9699 - c:\users\Panti\AppData\Local\Temp\OCS\Downloads\705f49176579a643660bff5ff6ae3956\bc75ff7fa7c93911d66636932445c82f\UB200Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va014]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va014"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{DFEFCDEE-CF1A-4FC8-88AD-129872198372}"=hex:51,66,7a,6c,4c,1d,38,12,80,ce,fc,
   db,28,81,a6,0a,f7,bb,51,d8,77,47,c7,66
"{11111111-1111-1111-1111-110211181110}"=hex:51,66,7a,6c,4c,1d,38,12,7f,12,02,
   15,23,5f,7f,54,6e,07,52,42,14,46,55,04
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
   36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{9B6B03F1-16CF-4491-BBBB-E872802DD717}"=hex:51,66,7a,6c,4c,1d,38,12,9f,00,78,
   9f,fd,58,ff,01,c4,ad,ab,32,85,73,93,03
"{E33CF602-D945-461A-83F0-819F76A199F8}"=hex:51,66,7a,6c,4c,1d,38,12,6c,f5,2f,
   e7,77,97,74,03,fc,e6,c2,df,73,ff,dd,ec
"{E9E8EB35-FF77-455D-B677-91E5E4FC06C2}"=hex:51,66,7a,6c,4c,1d,38,12,5b,e8,fb,
   ed,45,b1,33,00,c9,61,d2,a5,e1,a2,42,d6
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:20,ec,06,fd,e0,0c,ce,01
.
[HKEY_USERS\S-1-5-21-3609988531-2309053988-1203174479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3609988531-2309053988-1203174479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\3d559b07-551d-406d-a932-1b54bc57da14]
@Denied: (Full) (AuthenticatedUsers)
@Denied: (Full) (Administrators)
"16vokl5vmx5vz"=hex:65,38,32,31,34,63,37,35,2d,63,65,36,66,2d,34,63,36,30,2d,
   62,66,66,35,2d,62,37,30,39,37,30,36,32,62,33,30,66
"1hc5gun77bh40"=hex:65,00,00,00,f8,00,00,00,97,0e,7d,dd,50,61,6e,74,68,65,72,
   63,68,65,6e,00,00,00,00,00,75,4c,21,e8,6f,ce,60,4c,bf,f5,b7,09,70,62,b3,0f,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-10-08  15:12:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-10-08 13:12
.
Vor Suchlauf: 20 Verzeichnis(se), 307.706.855.424 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 307.492.089.856 Bytes frei
.
- - End Of File - - F3CD10CA58D47337526ED1C657526B7B

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

Pantherchen · 08.10.2013, 14:31

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Panti (administrator) on PANTI-PC on 08-10-2013 15:14:21
Running from C:\Users\Panti\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-08] ()
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Panti\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKCU\...\Policies\Explorer: [NoSetTaskbar] 0
HKCU\...\Policies\Explorer: [NoDeletePrinter] 0
HKCU\...\Policies\Explorer: [NoDFSTab] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoEncryptOnMove] 0
HKCU\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKCU\...\Policies\Explorer: [NoResolveSearch] 0
HKCU\...\Policies\Explorer: [NoHardwareTab] 0
HKCU\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-06-16] (Kaspersky Lab ZAO)
HKU\UpdatusUser\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-08] ()
HKU\UpdatusUser\...\Run: [Akamai NetSession Interface] - C:\Users\Panti\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA098058C93CDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {578B0716-AC2D-438C-E57C-6F342B742C2A} URL = QVO6
SearchScopes: HKLM-x32 - {100FC86F-6E50-C21F-216D-4BC185BDC35A} URL = QVO6
SearchScopes: HKLM-x32 - {5230F8E7-9259-4305-B51A-C090D3E2096D} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKLM-x32 - {5230F8E7-9259-4305-B51A-C090D3E2096D}昀 URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKCU - 29E6287BFF0A4DB3B7B107085A23A93C URL = hxxp://search.fbdownloader.com/search.php?channel=sfde206&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {5230F8E7-9259-4305-B51A-C090D3E2096D} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKCU - {5230F8E7-9259-4305-B51A-C090D3E2096D}昀 URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKCU - {578B0716-AC2D-438C-E57C-6F342B742C2A} URL = QVO6
SearchScopes: HKCU - {877CD8CD-B2F4-49BF-801A-7E54BEEC5D54} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407956&p={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default
FF NewTab: chrome://fvd.speeddial/content/fvd_about_blank.html
FF Homepage: chrome://fvd.speeddial/content/fvd_about_blank.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @4game.com/plugin - C:\Program Files (x86)\4game\npplugin4game.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll No File
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\Panti\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @gentek.com/thinclient - C:\IGG\twclient_us\npthinclient.dll No File
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Panti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: TubeSaver - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\116
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\pavel.sherbakov@gmail.com
FF Extension:     <em:name>SOE Web Installer - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
FF Extension: FoxLingo - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF Extension: google.button - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\google.button@mali37.net.xpi
FF Extension: langpack-de - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\langpack-de@firefox.mozilla.org.xpi
FF Extension: zoompage - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\zoompage@DW-dev.xpi
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Panti\AppData\Roaming\Mozilla\Firefox\Profiles\51222exo.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: () - C:\Users\Panti\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR Extension: (Plus-HD-3.8) - C:\Users\Panti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0
CHR HKLM\...\Chrome\Extension: [khldgopgjjapmbkgflpoclebjjmkmbnk] - C:\Program Files\Video downloader\source.crx
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [khldgopgjjapmbkgflpoclebjjmkmbnk] - C:\Program Files\Video downloader\source.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-09-05] (Perfect World Entertainment Inc)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-06-16] (Kaspersky Lab ZAO)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2013-07-19] (Ellora Assets Corp.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5110192 2012-10-24] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-09-26] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2013-09-26] ()
S2 4game-service; "C:\Program Files (x86)\4game\4game-service.exe" [x]
S4 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-05-21] (AVG Technologies)
R3 DCamUSBNovatek; C:\Windows\System32\Drivers\nvtcam.sys [2754432 2011-07-07] (NTK)
R3 guillflt; C:\Windows\System32\DRIVERS\guillflt.sys [65024 2009-06-04] (Guillemot Corp S.A.)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-09] (Guillemot Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-06-16] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-10-25] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-18] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-06-16] (Kaspersky Lab ZAO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [54272 2004-04-08] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [70400 2004-04-08] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz134; \??\C:\Users\Panti\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
S3 cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
U3 DfSdkS; 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-06-16] (Kaspersky Lab ZAO)
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]
U0 SR; 
U2 srservice; 
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-08 15:12 - 2013-10-08 15:12 - 00034447 _____ C:\ComboFix.txt
2013-10-08 14:53 - 2013-10-08 15:12 - 00000000 ____D C:\Qoobox
2013-10-08 14:53 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-08 14:53 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-08 14:53 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-08 14:53 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-08 14:53 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-08 14:53 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-08 14:53 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-08 14:53 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-08 14:52 - 2013-10-08 15:11 - 00000000 ____D C:\Windows\erdnt
2013-10-08 14:50 - 2013-10-08 14:51 - 05132072 ____R (Swearware) C:\Users\Panti\Desktop\ComboFix.exe
2013-10-08 14:42 - 2013-10-08 14:44 - 00000000 ____D C:\AdwCleaner
2013-10-08 14:41 - 2013-10-08 14:42 - 01045226 _____ C:\Users\Panti\Desktop\adwcleaner.exe
2013-10-08 13:14 - 2013-10-08 13:15 - 00030634 _____ C:\Users\Panti\Desktop\Addition.txt
2013-10-08 13:10 - 2013-10-08 13:10 - 01954124 _____ (Farbar) C:\Users\Panti\Desktop\FRST64.exe
2013-10-08 09:42 - 2013-10-08 15:07 - 00057470 _____ C:\Windows\PFRO.log
2013-10-08 09:18 - 2013-10-08 09:19 - 00000000 ____D C:\ProgramData\CDB
2013-10-08 09:16 - 2013-10-08 09:22 - 00000162 _____ C:\Windows\Reimage.ini
2013-10-08 08:55 - 2013-10-08 08:55 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Malwarebytes
2013-10-08 08:55 - 2013-10-08 08:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-08 08:54 - 2013-10-08 08:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Panti\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-08 08:51 - 2013-10-08 08:56 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-08 08:48 - 2013-10-08 08:49 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Panti\Downloads\SpyHunter-Installer.exe
2013-10-08 08:39 - 2013-10-08 15:07 - 00000840 _____ C:\Windows\setupact.log
2013-10-08 08:39 - 2013-10-08 08:39 - 00000000 _____ C:\Windows\setuperr.log
2013-10-08 08:24 - 2013-10-08 08:24 - 00000000 ____D C:\FRST
2013-10-07 23:01 - 2013-10-07 23:12 - 00000000 ____D C:\Perfect World Entertainment
2013-10-07 22:20 - 2013-10-07 22:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-07 22:18 - 2013-10-07 22:19 - 00000000 ____D C:\Users\UpdatusUser.Panti-PC
2013-10-07 22:18 - 2013-10-07 22:18 - 00000020 ___SH C:\Users\UpdatusUser.Panti-PC\ntuser.ini
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Vorlagen
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Startmenü
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Netzwerkumgebung
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Lokale Einstellungen
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Eigene Dateien
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Druckumgebung
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Documents\Eigene Musik
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Documents\Eigene Bilder
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Local\Verlauf
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Local\Anwendungsdaten
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Anwendungsdaten
2013-10-07 22:18 - 2013-05-24 12:28 - 00002084 _____ C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-10-07 22:18 - 2013-03-08 11:36 - 00000000 ____D C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\TuneUp Software
2013-10-07 22:18 - 2012-12-21 15:07 - 00000000 ____D C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Macromedia
2013-10-07 22:18 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-07 22:18 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-07 22:13 - 2013-09-12 10:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-07 22:13 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-07 22:13 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-07 22:13 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-07 22:13 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-07 22:13 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-07 22:13 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-07 22:13 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-07 21:28 - 2013-10-07 21:28 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2013-10-07 16:53 - 2013-10-07 16:53 - 00000000 ____D C:\Program Files (x86)\EXPERTool
2013-10-07 16:53 - 2013-09-12 00:06 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-10-05 18:20 - 2013-10-05 19:25 - 00000000 ____D C:\Program Files (x86)\FirstRowSportApp.com
2013-10-05 18:20 - 2013-10-05 18:20 - 00000000 ____D C:\Program Files (x86)\FreeHDSport.TV
2013-10-05 14:34 - 2013-10-05 14:36 - 00000000 ____D C:\Users\Panti\Documents\PCSX2
2013-10-03 16:49 - 2013-10-03 16:50 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-10-03 16:49 - 2013-10-03 16:49 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-10-03 11:03 - 2013-10-03 11:03 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MADFINGER Games
2013-10-03 11:02 - 2013-10-03 11:02 - 00000000 ____D C:\Program Files (x86)\MADFINGER Games
2013-10-02 20:12 - 2013-10-02 20:15 - 00000000 ____D C:\Users\Panti\AppData\Roaming\smc
2013-10-02 20:10 - 2013-10-02 20:11 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-10-02 20:10 - 2013-10-02 20:10 - 00000000 ____D C:\Program Files (x86)\Secret Maryo Chronicles
2013-10-01 22:15 - 2013-10-01 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 19:27 - 2013-10-01 20:10 - 00000000 ____D C:\Program Files (x86)\Obscure
2013-10-01 18:19 - 2013-10-01 18:19 - 00000000 __SHD C:\ProgramData\SecuROM
2013-10-01 18:08 - 2013-10-01 18:08 - 00000000 ____D C:\Program Files (x86)\2K Games
2013-10-01 17:26 - 2013-10-01 17:26 - 00000000 ____D C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2013-09-28 17:36 - 2013-09-28 17:40 - 00000000 ____D C:\Users\Panti\AppData\Local\Origin
2013-09-28 07:26 - 2013-09-28 17:39 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-27 17:46 - 2013-09-27 17:46 - 00000000 ____D C:\Users\Panti\Documents\Electronic Arts
2013-09-27 12:43 - 2013-09-27 12:43 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-09-24 15:47 - 2013-09-24 15:47 - 00002166 _____ C:\Users\UpdatusUser\Desktop\Ubi Soft Product Registration.lnk
2013-09-24 15:43 - 2013-09-25 14:49 - 00000000 ____D C:\Program Files (x86)\Ubi Soft
2013-09-24 14:08 - 2013-09-24 14:08 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
2013-09-24 13:50 - 2013-09-26 09:18 - 00000000 ____D C:\Program Files (x86)\Call of Duty
2013-09-24 13:48 - 2013-09-29 16:26 - 00000766 _____ C:\Windows\CoD.INI
2013-09-24 12:58 - 2013-09-24 12:58 - 00000000 ____D C:\Users\Panti\AppData\Local\Wicked_Interactive_LTD
2013-09-23 20:10 - 2013-09-23 20:10 - 00000845 _____ C:\Users\UpdatusUser\Desktop\Crossfire Europe.lnk
2013-09-23 13:36 - 2013-09-23 13:40 - 00000000 ____D C:\Counter-Strike 2D
2013-09-23 11:36 - 2013-09-23 11:36 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IAHGames
2013-09-19 19:22 - 2013-09-19 19:22 - 00000000 ___HD C:\Users\Panti\Documents\Freemake_do_not_remove_this_folder635152153343906000
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP56D2.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP53A4.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP38E1.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP3526.tmp
2013-09-19 16:41 - 2013-09-19 16:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5A4F.tmp
2013-09-19 16:41 - 2013-09-19 16:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5618.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPEB90.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPEB00.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPB33B.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPB24E.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4F35.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4E68.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPD1A1.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPCF6D.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPC404.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPC23D.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP911C.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP90BC.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP2A71.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP2A00.tmp
2013-09-19 16:37 - 2013-09-19 16:37 - 00000000 _____ C:\Windows\SysWOW64\FAPE953.tmp
2013-09-19 16:37 - 2013-09-19 16:37 - 00000000 _____ C:\Windows\SysWOW64\FAPE885.tmp
2013-09-19 13:10 - 2013-09-19 14:22 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MgameEU
2013-09-19 12:00 - 2013-09-19 12:00 - 00000000 ____D C:\Users\Panti\AppData\Roaming\FEAR-Community.org
2013-09-18 21:40 - 2013-09-18 21:48 - 00004096 _____ C:\Users\Public\Documents\00001119.LCS
2013-09-18 21:39 - 2013-09-18 21:39 - 00000000 ____D C:\Users\Panti\AppData\Roaming\ProtectDisc
2013-09-18 10:34 - 2013-09-18 10:34 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-09-18 10:32 - 2013-09-18 10:47 - 00000000 ____D C:\Users\Panti\AppData\Local\Oblivion
2013-09-18 10:32 - 2013-09-18 10:32 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2013-09-17 09:54 - 2013-09-17 09:55 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-15 19:21 - 2013-09-15 19:21 - 00000000 ____D C:\Users\Panti\Documents\Firefall
2013-09-15 19:21 - 2013-09-15 19:21 - 00000000 ____D C:\Users\Panti\AppData\Local\Red 5 Studios
2013-09-15 16:04 - 2013-09-15 16:04 - 00000000 ____D C:\Program Files (x86)\Red 5 Studios
2013-09-15 13:53 - 2013-09-15 13:53 - 00000000 ____D C:\Users\Panti\AppData\Roaming\library_dir
2013-09-15 13:40 - 2013-09-15 14:40 - 00000000 ____D C:\Program Files (x86)\MicroVolts
2013-09-14 21:42 - 2013-09-14 21:42 - 00000000 ____D C:\Windows\pss
2013-09-14 21:18 - 2013-10-05 18:24 - 00000000 ____D C:\SG Interactive
2013-09-14 12:35 - 2013-09-14 12:35 - 00000000 ____D C:\Users\Panti\Documents\ACR
2013-09-14 12:24 - 2013-09-23 18:46 - 00000000 ____D C:\Program Files (x86)\ACR
2013-09-13 18:05 - 2013-09-27 16:29 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-13 17:45 - 2013-10-08 07:31 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-12 17:56 - 2013-09-23 21:18 - 00000000 _____ C:\dfu.log
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-11 09:08 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 09:08 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 09:08 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 09:08 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 09:08 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 09:08 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 09:08 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 09:08 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 09:08 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 09:08 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 09:08 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 09:08 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 09:08 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 09:08 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 08:04 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 08:04 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 08:04 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 08:04 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 08:04 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 08:04 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 08:04 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 08:04 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 08:04 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 08:04 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 08:04 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 08:04 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 08:04 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 08:04 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 08:03 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 08:03 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 08:03 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-09 09:49 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-09 09:33 - 2013-09-09 09:33 - 00000000 ____D C:\Users\Panti\.thumb

==================== One Month Modified Files and Folders =======

2013-10-08 15:12 - 2013-10-08 15:12 - 00034447 _____ C:\ComboFix.txt
2013-10-08 15:12 - 2013-10-08 14:53 - 00000000 ____D C:\Qoobox
2013-10-08 15:12 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-10-08 15:11 - 2013-10-08 14:52 - 00000000 ____D C:\Windows\erdnt
2013-10-08 15:07 - 2013-10-08 09:42 - 00057470 _____ C:\Windows\PFRO.log
2013-10-08 15:07 - 2013-10-08 08:39 - 00000840 _____ C:\Windows\setupact.log
2013-10-08 15:07 - 2013-06-16 10:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-08 15:07 - 2012-11-29 16:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-08 15:07 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-08 15:07 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-10-08 15:06 - 2012-11-28 20:06 - 01880225 _____ C:\Windows\WindowsUpdate.log
2013-10-08 15:06 - 2009-07-14 04:34 - 66322432 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-10-08 15:06 - 2009-07-14 04:34 - 18874368 _____ C:\Windows\system32\config\SYSTEM.bak
2013-10-08 15:06 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2013-10-08 15:06 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-10-08 15:06 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-10-08 15:05 - 2012-12-08 00:25 - 00000000 ____D C:\Users\Panti\AppData\Local\PMB Files
2013-10-08 14:59 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-08 14:59 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-08 14:51 - 2013-10-08 14:50 - 05132072 ____R (Swearware) C:\Users\Panti\Desktop\ComboFix.exe
2013-10-08 14:44 - 2013-10-08 14:42 - 00000000 ____D C:\AdwCleaner
2013-10-08 14:44 - 2013-06-22 13:00 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Common
2013-10-08 14:44 - 2012-11-28 20:07 - 00000000 ___RD C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-08 14:42 - 2013-10-08 14:41 - 01045226 _____ C:\Users\Panti\Desktop\adwcleaner.exe
2013-10-08 14:38 - 2012-11-28 21:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-08 14:29 - 2012-11-29 10:21 - 00000374 _____ C:\Windows\Tasks\WpsUpdateTask_Panti.job
2013-10-08 14:14 - 2013-08-15 20:28 - 00000000 ____D C:\Users\Panti\AppData\Local\Warframe
2013-10-08 13:15 - 2013-10-08 13:14 - 00030634 _____ C:\Users\Panti\Desktop\Addition.txt
2013-10-08 13:10 - 2013-10-08 13:10 - 01954124 _____ (Farbar) C:\Users\Panti\Desktop\FRST64.exe
2013-10-08 09:22 - 2013-10-08 09:16 - 00000162 _____ C:\Windows\Reimage.ini
2013-10-08 09:19 - 2013-10-08 09:18 - 00000000 ____D C:\ProgramData\CDB
2013-10-08 08:56 - 2013-10-08 08:51 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-08 08:55 - 2013-10-08 08:55 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Malwarebytes
2013-10-08 08:55 - 2013-10-08 08:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-08 08:54 - 2013-10-08 08:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Panti\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-08 08:49 - 2013-10-08 08:48 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Panti\Downloads\SpyHunter-Installer.exe
2013-10-08 08:39 - 2013-10-08 08:39 - 00000000 _____ C:\Windows\setuperr.log
2013-10-08 08:24 - 2013-10-08 08:24 - 00000000 ____D C:\FRST
2013-10-08 07:31 - 2013-09-13 17:45 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-07 23:55 - 2012-12-29 10:39 - 00000000 ___RD C:\Users\Panti\Desktop\Spiele
2013-10-07 23:12 - 2013-10-07 23:01 - 00000000 ____D C:\Perfect World Entertainment
2013-10-07 22:22 - 2012-11-29 16:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-07 22:22 - 2012-11-29 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-07 22:20 - 2013-10-07 22:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-07 22:20 - 2012-11-29 16:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-07 22:19 - 2013-10-07 22:18 - 00000000 ____D C:\Users\UpdatusUser.Panti-PC
2013-10-07 22:18 - 2013-10-07 22:18 - 00000020 ___SH C:\Users\UpdatusUser.Panti-PC\ntuser.ini
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Vorlagen
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Startmenü
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Netzwerkumgebung
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Lokale Einstellungen
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Eigene Dateien
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Druckumgebung
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Documents\Eigene Musik
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Documents\Eigene Bilder
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Local\Verlauf
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\AppData\Local\Anwendungsdaten
2013-10-07 22:18 - 2013-10-07 22:18 - 00000000 _SHDL C:\Users\UpdatusUser.Panti-PC\Anwendungsdaten
2013-10-07 21:29 - 2012-11-28 21:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-07 21:28 - 2013-10-07 21:28 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
2013-10-07 17:11 - 2012-12-21 10:34 - 00000000 ____D C:\Users\Panti\AppData\Roaming\NVIDIA
2013-10-07 16:53 - 2013-10-07 16:53 - 00000000 ____D C:\Program Files (x86)\EXPERTool
2013-10-05 19:25 - 2013-10-05 18:20 - 00000000 ____D C:\Program Files (x86)\FirstRowSportApp.com
2013-10-05 18:26 - 2013-01-23 09:32 - 00003583 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-10-05 18:24 - 2013-09-14 21:18 - 00000000 ____D C:\SG Interactive
2013-10-05 18:20 - 2013-10-05 18:20 - 00000000 ____D C:\Program Files (x86)\FreeHDSport.TV
2013-10-05 14:36 - 2013-10-05 14:34 - 00000000 ____D C:\Users\Panti\Documents\PCSX2
2013-10-05 13:52 - 2012-11-29 16:29 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-10-05 13:52 - 2012-11-29 16:29 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-03 20:27 - 2012-11-28 21:59 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Skype
2013-10-03 16:50 - 2013-10-03 16:49 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-10-03 16:49 - 2013-10-03 16:49 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-10-03 11:03 - 2013-10-03 11:03 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MADFINGER Games
2013-10-03 11:02 - 2013-10-03 11:02 - 00000000 ____D C:\Program Files (x86)\MADFINGER Games
2013-10-02 20:15 - 2013-10-02 20:12 - 00000000 ____D C:\Users\Panti\AppData\Roaming\smc
2013-10-02 20:11 - 2013-10-02 20:10 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-10-02 20:10 - 2013-10-02 20:10 - 00000000 ____D C:\Program Files (x86)\Secret Maryo Chronicles
2013-10-02 07:14 - 2013-04-09 08:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-01 22:17 - 2012-11-28 20:14 - 00000000 ____D C:\Users\Panti\AppData\Local\Mozilla
2013-10-01 22:15 - 2013-10-01 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 20:10 - 2013-10-01 19:27 - 00000000 ____D C:\Program Files (x86)\Obscure
2013-10-01 18:19 - 2013-10-01 18:19 - 00000000 __SHD C:\ProgramData\SecuROM
2013-10-01 18:08 - 2013-10-01 18:08 - 00000000 ____D C:\Program Files (x86)\2K Games
2013-10-01 17:41 - 2013-07-31 12:13 - 00000000 ____D C:\Users\Panti\Documents\My Games
2013-10-01 17:26 - 2013-10-01 17:26 - 00000000 ____D C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2013-09-30 21:12 - 2012-12-28 21:22 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-29 16:26 - 2013-09-24 13:48 - 00000766 _____ C:\Windows\CoD.INI
2013-09-28 17:40 - 2013-09-28 17:36 - 00000000 ____D C:\Users\Panti\AppData\Local\Origin
2013-09-28 17:40 - 2012-12-08 09:39 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Origin
2013-09-28 17:40 - 2012-12-08 09:36 - 00000000 ____D C:\ProgramData\Origin
2013-09-28 17:39 - 2013-09-28 07:26 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-28 07:26 - 2013-01-07 12:20 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-09-28 07:26 - 2013-01-07 12:20 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-09-27 17:46 - 2013-09-27 17:46 - 00000000 ____D C:\Users\Panti\Documents\Electronic Arts
2013-09-27 16:29 - 2013-09-13 18:05 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-27 16:26 - 2012-11-28 23:53 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion
2013-09-27 12:43 - 2013-09-27 12:43 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-09-26 19:12 - 2012-12-08 11:08 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-26 19:11 - 2012-12-08 11:08 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-26 19:11 - 2012-12-08 11:08 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-26 09:18 - 2013-09-24 13:50 - 00000000 ____D C:\Program Files (x86)\Call of Duty
2013-09-25 14:55 - 2013-01-10 13:36 - 00002201 _____ C:\Users\UpdatusUser\Desktop\Ubisoft Product Registration.lnk
2013-09-25 14:49 - 2013-09-24 15:43 - 00000000 ____D C:\Program Files (x86)\Ubi Soft
2013-09-24 15:47 - 2013-09-24 15:47 - 00002166 _____ C:\Users\UpdatusUser\Desktop\Ubi Soft Product Registration.lnk
2013-09-24 14:08 - 2013-09-24 14:08 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
2013-09-24 14:08 - 2013-01-04 17:39 - 00000950 _____ C:\Users\UpdatusUser\Desktop\Call of Duty Mehrspieler.lnk
2013-09-24 14:08 - 2013-01-04 17:39 - 00000950 _____ C:\Users\UpdatusUser\Desktop\Call of Duty Einzelspieler.lnk
2013-09-24 12:58 - 2013-09-24 12:58 - 00000000 ____D C:\Users\Panti\AppData\Local\Wicked_Interactive_LTD
2013-09-23 21:18 - 2013-09-12 17:56 - 00000000 _____ C:\dfu.log
2013-09-23 21:17 - 2013-02-16 11:30 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-09-23 20:10 - 2013-09-23 20:10 - 00000845 _____ C:\Users\UpdatusUser\Desktop\Crossfire Europe.lnk
2013-09-23 19:17 - 2012-12-08 00:25 - 00000000 ____D C:\ProgramData\PMB Files
2013-09-23 18:46 - 2013-09-14 12:24 - 00000000 ____D C:\Program Files (x86)\ACR
2013-09-23 13:40 - 2013-09-23 13:36 - 00000000 ____D C:\Counter-Strike 2D
2013-09-23 12:20 - 2011-04-12 09:43 - 00707088 _____ C:\Windows\system32\perfh007.dat
2013-09-23 12:20 - 2011-04-12 09:43 - 00152680 _____ C:\Windows\system32\perfc007.dat
2013-09-23 12:20 - 2009-07-14 07:13 - 01641292 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-23 11:51 - 2012-12-28 13:42 - 00000000 ____D C:\Users\Panti\AppData\Local\CSO
2013-09-23 11:40 - 2012-11-28 22:26 - 00000000 ____D C:\Users\Panti\AppData\Local\Akamai
2013-09-23 11:36 - 2013-09-23 11:36 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IAHGames
2013-09-20 11:17 - 2012-12-29 14:38 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-09-20 11:17 - 2012-12-29 12:49 - 00000000 ____D C:\Program Files (x86)\AVA-DE
2013-09-19 22:54 - 2012-11-28 21:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 22:54 - 2012-11-28 21:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-19 22:54 - 2012-11-28 21:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 19:22 - 2013-09-19 19:22 - 00000000 ___HD C:\Users\Panti\Documents\Freemake_do_not_remove_this_folder635152153343906000
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP56D2.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP53A4.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP38E1.tmp
2013-09-19 16:42 - 2013-09-19 16:42 - 00000000 _____ C:\Windows\SysWOW64\FAP3526.tmp
2013-09-19 16:41 - 2013-09-19 16:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5A4F.tmp
2013-09-19 16:41 - 2013-09-19 16:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5618.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPEB90.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPEB00.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPB33B.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAPB24E.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4F35.tmp
2013-09-19 16:40 - 2013-09-19 16:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4E68.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPD1A1.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPCF6D.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPC404.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAPC23D.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP911C.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP90BC.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP2A71.tmp
2013-09-19 16:38 - 2013-09-19 16:38 - 00000000 _____ C:\Windows\SysWOW64\FAP2A00.tmp
2013-09-19 16:37 - 2013-09-19 16:37 - 00000000 _____ C:\Windows\SysWOW64\FAPE953.tmp
2013-09-19 16:37 - 2013-09-19 16:37 - 00000000 _____ C:\Windows\SysWOW64\FAPE885.tmp
2013-09-19 14:22 - 2013-09-19 13:10 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MgameEU
2013-09-19 12:00 - 2013-09-19 12:00 - 00000000 ____D C:\Users\Panti\AppData\Roaming\FEAR-Community.org
2013-09-19 10:02 - 2012-12-06 11:21 - 00000000 ____D C:\Users\Panti\AppData\Roaming\Opera
2013-09-18 21:48 - 2013-09-18 21:40 - 00004096 _____ C:\Users\Public\Documents\00001119.LCS
2013-09-18 21:39 - 2013-09-18 21:39 - 00000000 ____D C:\Users\Panti\AppData\Roaming\ProtectDisc
2013-09-18 10:47 - 2013-09-18 10:32 - 00000000 ____D C:\Users\Panti\AppData\Local\Oblivion
2013-09-18 10:34 - 2013-09-18 10:34 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-09-18 10:32 - 2013-09-18 10:32 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2013-09-17 09:55 - 2013-09-17 09:54 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-15 19:21 - 2013-09-15 19:21 - 00000000 ____D C:\Users\Panti\Documents\Firefall
2013-09-15 19:21 - 2013-09-15 19:21 - 00000000 ____D C:\Users\Panti\AppData\Local\Red 5 Studios
2013-09-15 16:04 - 2013-09-15 16:04 - 00000000 ____D C:\Program Files (x86)\Red 5 Studios
2013-09-15 14:40 - 2013-09-15 13:40 - 00000000 ____D C:\Program Files (x86)\MicroVolts
2013-09-15 13:53 - 2013-09-15 13:53 - 00000000 ____D C:\Users\Panti\AppData\Roaming\library_dir
2013-09-14 21:42 - 2013-09-14 21:42 - 00000000 ____D C:\Windows\pss
2013-09-14 20:10 - 2012-11-29 19:57 - 00000000 ____D C:\Download
2013-09-14 15:25 - 2012-12-08 01:24 - 00001107 _____ C:\Users\UpdatusUser\Desktop\BlackShot.lnk
2013-09-14 12:35 - 2013-09-14 12:35 - 00000000 ____D C:\Users\Panti\Documents\ACR
2013-09-14 10:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-13 22:46 - 2013-07-22 15:34 - 00000000 ____D C:\Nexon
2013-09-13 17:45 - 2012-11-28 20:06 - 00000000 ____D C:\Users\Panti
2013-09-13 16:41 - 2012-12-08 14:23 - 00283032 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-09-12 17:56 - 2012-11-28 19:58 - 00000000 ____D C:\Windows\Panther
2013-09-12 10:58 - 2013-10-07 22:13 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-12 10:58 - 2013-10-07 22:13 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-12 10:58 - 2013-10-07 22:13 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-12 10:58 - 2013-02-19 22:32 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-12 10:58 - 2013-02-19 22:32 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-12 10:58 - 2013-02-19 22:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-12 10:58 - 2012-11-29 16:44 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-09-12 10:58 - 2012-11-29 16:44 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-09-12 10:58 - 2012-11-29 16:43 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-12 09:25 - 2012-11-29 16:45 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-12 09:25 - 2012-11-29 16:45 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25 - 2012-11-29 16:45 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-12 09:25 - 2012-11-29 16:45 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25 - 2012-11-29 16:45 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-12 09:25 - 2012-11-29 16:45 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-12 00:06 - 2013-10-07 16:53 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-11 09:14 - 2012-11-28 20:07 - 00000000 ___RD C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 09:12 - 2009-07-14 06:45 - 00285696 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 09:08 - 2013-09-03 22:44 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 09:02 - 2012-11-29 13:01 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 09:49 - 2012-11-28 20:08 - 00001425 _____ C:\Users\Panti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-09 09:33 - 2013-09-09 09:33 - 00000000 ____D C:\Users\Panti\.thumb
2013-09-09 07:39 - 2013-06-21 13:47 - 00000000 ____D C:\Program Files\CCleaner
2013-09-08 23:36 - 2012-12-12 21:25 - 00015360 ____H C:\Users\Panti\Desktop\photothumb.db

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\Panti\jagex_cl_runescape_LIVE.dat
C:\Users\Panti\jagex_cl_runescape_LIVE1.dat
C:\Users\Panti\random.dat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-01 08:26

==================== End Of Log ============================

--- --- ---

--- --- ---
so ^^

Dankeschön für deine hilfe

aharonov · 09.10.2013, 21:55

Wie läuft der Rechner jetzt?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

SearchScopes: HKLM - {578B0716-AC2D-438C-E57C-6F342B742C2A} URL = QVO6
SearchScopes: HKLM-x32 - {100FC86F-6E50-C21F-216D-4BC185BDC35A} URL = QVO6
SearchScopes: HKLM-x32 - {5230F8E7-9259-4305-B51A-C090D3E2096D} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKLM-x32 - {5230F8E7-9259-4305-B51A-C090D3E2096D}昀 URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKCU - 29E6287BFF0A4DB3B7B107085A23A93C URL = hxxp://search.fbdownloader.com/search.php?channel=sfde206&q={searchTerms}
SearchScopes: HKCU - {5230F8E7-9259-4305-B51A-C090D3E2096D} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKCU - {5230F8E7-9259-4305-B51A-C090D3E2096D}昀 URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378712919604&tguid=66920-6787-1378712919604-F3E7F2539B469CEDA782D812367D0FB4&q={searchTerms}
SearchScopes: HKCU - {578B0716-AC2D-438C-E57C-6F342B742C2A} URL = QVO6
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
C:\ProgramData\DNSErrorHelper
S4 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]
C:\Users\Panti\random.dat
C:\ProgramData\hash.dat

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Öffne das Programm Malwarebytes Anti-Malware.
Vista und Win7 User mit Rechtsklick "als Administrator starten".
Klicke auf Aktualisierung --> Suche nach Aktualisierung.
Wenn das Update beendet wurde, aktiviere im Reiter Suchlauf die Option Quick-Scan durchführen und drücke auf Scannen.
Wenn der Scan fertig ist, klicke auf Ergebnisse anzeigen.
Versichere dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter dem Reiter Logdateien finden.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Downloade dir bitte

Farbar Service Scanner

Starte das Tool mit Doppelklick auf die FSS.exe
Gehe sicher, dass folgende Optionen angehakt sind.
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Other Services
Klicke auf Scan.
Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

aharonov · 16.10.2013, 12:25

Hi,

ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe?

Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos.

aharonov · 22.10.2013, 20:55

Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.

08.10.2013, 13:23	#7
aharonov /// TB-Ausbilder	Problemm mit hxxp://www_getwindowinfo/ Ok, dann mach einfach mit dem nächsten weiter. __________________ cheers, Leo

16.10.2013, 12:25	#11
aharonov /// TB-Ausbilder	Problemm mit hxxp://www_getwindowinfo/ Hi, ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe? Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos. __________________ cheers, Leo

Problemm mit hxxp://www_getwindowinfo/

Log-Analyse und Auswertung: Problemm mit hxxp://www_getwindowinfo/