| |
| |||||||
Log-Analyse und Auswertung: Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer FreezeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.03.2014, 13:18
| #1 |
| |  Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Also, wie der Titel vielleicht vermuten lässt, habe ich das Problem, das sobald ich ein anderes Video auf Youtube, oder ein Spiel etc öffne, nach 10sek ein freeze folgt. Je nach dem was ich spiele, kommen zwischendurch Freez' vor. Der Freeze ist nur eine halbe Sekunde lang, geht aber doch nerven. Besonders wenn man bedenkt, das es vor 2 Tagen noch nicht so war. Habe auch schon CCleaner, den vom Forum empfohlen Malware Scanner und mehrere Male eine Defragmentierung laufen lassen. Habe auch schon einen FRST-Scan gemacht. Hier die Logdaten: FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Max (administrator) on SUPERNOVA on 28-03-2014 12:57:28
Running from C:\Users\Max\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
() C:\Program Files (x86)\puush\puush.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\SndVol.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-19\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2014-02-26] ()
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\MountPoints2: {7906024b-df8b-11e0-8ea0-806e6f6e6963} - E:\Launcher.exe
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => "C:\PROGRA~3\Wincert\WIN32C~1.DLL" File Not Found
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
==================== Internet (Whitelisted) ====================
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKCU - (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {71B15D21-1CAB-4589-9EED-99B186FEF4FF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {71B15D21-1CAB-4589-9EED-99B186FEF4FF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {42D7884D-418B-496B-8C5E-FE39C4AF6E01} URL = hxxp://de.search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=827316&ilc=12&p={searchTerms}
SearchScopes: HKCU - {71B15D21-1CAB-4589-9EED-99B186FEF4FF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {753E1201-5CEA-41AD-88EA-DD3D2E810D7D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227980
SearchScopes: HKCU - {9BC6950A-1E45-43B5-B296-14D031C2FF0B} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=E2D02D8F-1314-45D5-8598-E4AABAFEFDC0&apn_sauid=3043A45E-016E-47CE-86C6-771AF20C0CF0
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {FAD9379F-F361-4ADB-B5B8-311DFEC6BB94} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - !{26647ca4-a2a7-4eac-8a72-761aa9141de7} - No File
Toolbar: HKLM - No Name - !{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM - No Name - !{707db484-2428-402d-afb5-d85b387544c7} - No File
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - No Name - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKLM - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
Toolbar: HKLM - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File
Toolbar: HKLM - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File
Toolbar: HKLM-x32 - No Name - !{26647ca4-a2a7-4eac-8a72-761aa9141de7} - No File
Toolbar: HKLM-x32 - No Name - !{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{707db484-2428-402d-afb5-d85b387544c7} - No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKLM-x32 - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - No File
Toolbar: HKCU - No Name - {474DCBF4-0DB1-4C6A-A014-1C2544E82698} - No File
Toolbar: HKCU - No Name - {707DB484-2428-402D-AFB5-D85B387544C7} - No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-15] (EasyBits Software Corp.)
Hosts: 127.0.0.1 cadb.nflavor.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.2.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.2.1 - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-25]
FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-18]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-05-08]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-05-08]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2012-09-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-05-10]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (ProxTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2012-08-25]
CHR Extension: (Max - Tom) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\afojndljdhnnonodcgbpkadmmmenpalp [2014-01-31]
CHR Extension: (Angry Birds) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-10-19]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-10]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-10]
CHR Extension: (Umineko No Naku Koro Ni) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenhmdbdlikfoghldekhnfgkmdffojdk [2013-09-23]
CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-10]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-26]
CHR Extension: (AdBlock) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-24]
CHR Extension: (Dragon - Max) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkhngagbpeeckkcchocjacbginlafhne [2013-08-08]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-03-26]
CHR Extension: (Konochan) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoomppjijcipepcjaeeboagogoajocjh [2013-09-23]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-26]
CHR Extension: (Website Logon) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe [2014-03-26]
CHR Extension: (Skype Click to Call) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-16]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-03-26]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mein Chrome-Design) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-07-14]
CHR Extension: (Max - Rammstein (1)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogleioplphbkikodongmejkafhakhbeh [2014-02-12]
CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-10]
CHR Extension: (Anti-Banner) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-03-26]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Max\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-30]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-03-03] (Adobe Systems)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 hasplms; C:\Windows\system32\hasplms.exe [4889032 2011-12-30] (SafeNet Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [61916000 2011-04-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-26] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-08-25] (SANDBOXIE L.T.D)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [428384 2011-04-23] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-05-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-10] (Kaspersky Lab ZAO)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-09-15] ()
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [70400 2004-04-08] (Protection Technology)
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-08-25] (SANDBOXIE L.T.D)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 RtlProt; \??\C:\Windows\System32\Drivers\RtlProt.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-28 12:57 - 2014-03-28 12:57 - 00028184 _____ () C:\Users\Max\Downloads\FRST.txt
2014-03-28 12:57 - 2014-03-28 12:57 - 00000000 ____D () C:\FRST
2014-03-28 12:55 - 2014-03-28 12:55 - 02157056 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-03-28 11:24 - 2014-03-28 12:56 - 00000000 ____D () C:\Users\Max\Desktop\Ebay-Kleinanzeigen
2014-03-28 10:29 - 2014-03-28 10:32 - 05140176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-28 10:29 - 2014-03-28 10:30 - 00000168 _____ () C:\Windows\setupact.log
2014-03-28 10:29 - 2014-03-28 10:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-28 10:16 - 2014-03-28 10:16 - 00135552 _____ () C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-28 00:08 - 2014-03-28 00:11 - 00000000 ____D () C:\AdwCleaner
2014-03-28 00:08 - 2014-03-28 00:08 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner.exe
2014-03-28 00:02 - 2014-03-28 00:02 - 00001423 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-27 23:55 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-03-27 23:53 - 2014-03-27 23:55 - 00001270 _____ () C:\Windows\system32\Commander David wollte ein 1vs1 und war als Techniker in ner Flotten Dreadnought Galaxy gegen meinen BoP immer kurz vor'm krepieren - lol - am Ende hatte ich nen Disconnect - schade - Commander David h..lnk
2014-03-27 23:52 - 2014-03-27 23:52 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-27 23:52 - 2014-03-27 23:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-27 23:52 - 2014-03-27 23:52 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-27 23:52 - 2014-03-27 23:52 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-27 23:52 - 2014-03-27 23:52 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-27 23:52 - 2014-03-27 23:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-27 23:52 - 2014-03-27 23:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-27 23:52 - 2014-03-27 23:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-27 23:52 - 2014-03-27 23:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-27 23:52 - 2014-03-27 23:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-27 23:52 - 2014-03-27 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-27 23:48 - 2014-03-27 23:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\Internet Explorer 11 64 Bit - CHIP-Downloader.exe
2014-03-27 23:34 - 2014-03-27 23:34 - 00001224 _____ () C:\Users\Max\Documents\cc_20140327_233406.reg
2014-03-27 23:29 - 2014-03-27 23:29 - 00017648 _____ () C:\Users\Max\Documents\cc_20140327_232909.reg
2014-03-27 23:28 - 2014-03-27 23:28 - 00037148 _____ () C:\Users\Max\Documents\cc_20140327_232850.reg
2014-03-27 23:20 - 2014-03-27 23:20 - 04853880 _____ (Systweak Inc ) C:\Users\Max\Downloads\rcpsetup_2005.exe
2014-03-27 23:14 - 2014-03-27 23:30 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-03-27 23:14 - 2014-03-27 23:14 - 02365840 _____ () C:\Users\Max\Downloads\SecurityTaskManager_Setup.exe
2014-03-27 23:14 - 2014-03-27 23:14 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-03-27 19:00 - 2014-03-27 19:00 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Malwarebytes
2014-03-27 19:00 - 2014-03-27 19:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 19:00 - 2014-03-27 19:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-27 19:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-27 18:56 - 2014-03-27 18:56 - 03098210 _____ () C:\Users\Max\Downloads\tweaking.com_windows_repair_aio.zip
2014-03-26 13:46 - 2014-03-26 13:47 - 27998329 _____ () C:\Users\Max\Downloads\WoT_7.5_Sounds.zip
2014-03-25 21:09 - 2014-03-25 21:09 - 03667522 _____ () C:\Users\Max\Documents\AutoRuns.arn
2014-03-25 21:04 - 2014-03-25 21:04 - 00550371 _____ () C:\Users\Max\Downloads\Autoruns.zip
2014-03-21 16:55 - 2014-03-21 16:57 - 68950680 _____ (SiSoftware ) C:\Users\Max\Downloads\san2021.exe
2014-03-18 15:23 - 2014-03-18 15:23 - 00249613 _____ () C:\Users\Max\Downloads\nvidiaInspector.zip
2014-03-14 17:07 - 2014-03-14 17:07 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Awesomium
2014-03-14 10:12 - 2014-03-14 10:12 - 00000000 ____D () C:\Users\Max\Documents\Elder Scrolls Online
2014-03-14 10:12 - 2014-03-14 10:12 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-03-13 14:07 - 2014-03-13 14:07 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype
2014-03-12 15:08 - 2014-03-14 10:54 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-03-12 15:07 - 2014-03-12 15:08 - 55903624 _____ ( ) C:\Users\Max\Downloads\Install_ESO_Beta.exe
2014-03-12 14:22 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 14:22 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 14:22 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 14:22 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 14:22 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 14:22 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 14:22 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 14:22 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-11 19:58 - 2014-03-11 19:58 - 00821760 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\NVIDIA SSAA.exe
2014-03-11 19:55 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 19:51 - 2014-03-04 15:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 19:51 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-11 19:51 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-10 20:47 - 2014-03-10 20:47 - 14325662 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.4_setup.exe
2014-03-10 16:36 - 2014-03-10 16:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\GPU Z - CHIP-Downloader.exe
2014-03-08 14:49 - 2014-03-23 18:16 - 00000000 ____D () C:\Users\Max\AppData\Roaming\IrfanView
2014-03-08 14:48 - 2014-03-08 14:48 - 02179728 _____ (Irfan Skiljan) C:\Users\Max\Downloads\iview437g_setup.exe
2014-03-08 14:47 - 2014-03-08 14:47 - 00000000 ____D () C:\Users\Max\AppData\Local\{FAC9F114-4E1C-4369-9DB6-E00183653B16}
2014-03-08 14:14 - 2014-03-08 14:15 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-03-08 14:14 - 2014-03-08 14:14 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-03-08 14:13 - 2014-03-08 14:13 - 22990573 _____ () C:\Users\Max\Downloads\MSIAfterburnerSetup231.zip
2014-03-08 14:12 - 2014-03-08 14:12 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\MSI Afterburner - CHIP-Downloader.exe
2014-03-08 12:58 - 2014-03-08 12:58 - 00000000 ____D () C:\Program Files (x86)\directx
2014-03-08 12:53 - 2014-03-08 12:53 - 00000000 ____D () C:\Program Files (x86)\TDK
2014-03-06 15:33 - 2014-03-06 15:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\steamvr
2014-03-03 18:20 - 2014-03-03 18:20 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-03 18:13 - 2014-03-03 18:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uCertify
2014-03-03 18:13 - 2014-03-03 18:13 - 00000000 ____D () C:\Program Files (x86)\uCertify
2014-03-03 18:12 - 2014-03-03 18:12 - 00930952 _____ (CNET Download.com) C:\Users\Max\Downloads\cbsidlm-cbsi183-uCertify__9A0044_ADOBE_ACE_Photoshop_CS2-ORG-10715851.exe
2014-03-03 18:10 - 2014-03-03 18:10 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2014-03-03 16:50 - 2014-03-03 16:59 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Max\Downloads\PS_CS2_Gr_NonRet.exe
2014-02-27 22:38 - 2014-02-27 22:38 - 00092642 _____ () C:\Users\Max\Downloads\91.rar
2014-02-27 18:42 - 2014-02-27 18:42 - 01610309 _____ () C:\Users\Max\Downloads\20140101_2008_germany-E-75_29_el_hallouf.wotreplay
2014-02-26 23:26 - 2014-02-26 23:26 - 00000000 ____D () C:\Users\Max\AppData\Roaming\puush
2014-02-26 23:25 - 2014-02-26 23:26 - 00000000 ____D () C:\Program Files (x86)\puush
2014-02-26 23:25 - 2014-02-26 23:25 - 01085440 _____ () C:\Users\Max\Downloads\puush.msi
==================== One Month Modified Files and Folders =======
2014-03-28 12:57 - 2014-03-28 12:57 - 00028184 _____ () C:\Users\Max\Downloads\FRST.txt
2014-03-28 12:57 - 2014-03-28 12:57 - 00000000 ____D () C:\FRST
2014-03-28 12:56 - 2014-03-28 11:24 - 00000000 ____D () C:\Users\Max\Desktop\Ebay-Kleinanzeigen
2014-03-28 12:55 - 2014-03-28 12:55 - 02157056 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-03-28 12:55 - 2012-06-04 12:20 - 00000284 ____H () C:\Windows\Tasks\GenericUpdaterRefreshTask.job
2014-03-28 12:49 - 2013-05-10 22:47 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-28 12:39 - 2012-02-18 18:34 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-28 12:30 - 2012-01-03 21:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-03-28 12:08 - 2012-07-02 15:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-28 11:26 - 2011-09-15 11:26 - 00766040 _____ () C:\Windows\system32\perfh007.dat
2014-03-28 11:26 - 2011-09-15 11:26 - 00175012 _____ () C:\Windows\system32\perfc007.dat
2014-03-28 11:26 - 2009-07-14 06:13 - 01808890 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-28 10:58 - 2012-01-15 09:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-28 10:38 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-28 10:38 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-28 10:34 - 2014-02-12 20:04 - 01137000 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 10:34 - 2012-11-10 16:11 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000UA.job
2014-03-28 10:32 - 2014-03-28 10:29 - 05140176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-28 10:32 - 2012-06-04 12:20 - 00000304 ____H () C:\Windows\Tasks\GenericUpdaterLogonTask.job
2014-03-28 10:32 - 2012-02-18 18:34 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-28 10:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-28 10:31 - 2011-09-15 11:54 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-28 10:31 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-28 10:30 - 2014-03-28 10:29 - 00000168 _____ () C:\Windows\setupact.log
2014-03-28 10:29 - 2014-03-28 10:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-28 10:29 - 2011-09-15 11:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-28 10:16 - 2014-03-28 10:16 - 00135552 _____ () C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-28 10:15 - 2012-03-02 17:53 - 00000000 ___RD () C:\Users\Max\Desktop\Games
2014-03-28 03:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-28 03:41 - 2012-04-01 18:14 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-03-28 00:19 - 2011-02-11 18:00 - 00000000 ____D () C:\Windows\Panther
2014-03-28 00:11 - 2014-03-28 00:08 - 00000000 ____D () C:\AdwCleaner
2014-03-28 00:08 - 2014-03-28 00:08 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner.exe
2014-03-28 00:02 - 2014-03-28 00:02 - 00001423 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-28 00:00 - 2011-09-15 11:59 - 00000000 ____D () C:\ProgramData\truesuite
2014-03-27 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-27 23:58 - 2012-03-03 12:01 - 00007605 _____ () C:\Users\Max\AppData\Local\Resmon.ResmonCfg
2014-03-27 23:55 - 2014-03-27 23:53 - 00001270 _____ () C:\Windows\system32\Commander David wollte ein 1vs1 und war als Techniker in ner Flotten Dreadnought Galaxy gegen meinen BoP immer kurz vor'm krepieren - lol - am Ende hatte ich nen Disconnect - schade - Commander David h..lnk
2014-03-27 23:52 - 2014-03-27 23:52 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-27 23:52 - 2014-03-27 23:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-27 23:52 - 2014-03-27 23:52 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-27 23:52 - 2014-03-27 23:52 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-27 23:52 - 2014-03-27 23:52 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-27 23:52 - 2014-03-27 23:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-27 23:52 - 2014-03-27 23:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-27 23:52 - 2014-03-27 23:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-27 23:52 - 2014-03-27 23:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-27 23:52 - 2014-03-27 23:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-27 23:52 - 2014-03-27 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-27 23:52 - 2014-03-27 23:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-27 23:52 - 2014-03-27 23:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-27 23:48 - 2014-03-27 23:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\Internet Explorer 11 64 Bit - CHIP-Downloader.exe
2014-03-27 23:34 - 2014-03-27 23:34 - 00001224 _____ () C:\Users\Max\Documents\cc_20140327_233406.reg
2014-03-27 23:30 - 2014-03-27 23:14 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-03-27 23:30 - 2013-11-23 16:11 - 00000000 ____D () C:\Program Files (x86)\Combat-Rivals
2014-03-27 23:29 - 2014-03-27 23:29 - 00017648 _____ () C:\Users\Max\Documents\cc_20140327_232909.reg
2014-03-27 23:28 - 2014-03-27 23:28 - 00037148 _____ () C:\Users\Max\Documents\cc_20140327_232850.reg
2014-03-27 23:20 - 2014-03-27 23:20 - 04853880 _____ (Systweak Inc ) C:\Users\Max\Downloads\rcpsetup_2005.exe
2014-03-27 23:14 - 2014-03-27 23:14 - 02365840 _____ () C:\Users\Max\Downloads\SecurityTaskManager_Setup.exe
2014-03-27 23:14 - 2014-03-27 23:14 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-03-27 23:09 - 2013-09-15 21:04 - 00000000 ____D () C:\Program Files (x86)\World_of_Tanks
2014-03-27 20:52 - 2012-01-18 12:28 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMax
2014-03-27 20:52 - 2012-01-18 12:28 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForMax.job
2014-03-27 19:24 - 2012-01-03 19:13 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{51EE8C70-F409-4E79-B6F6-266A5F381A99}
2014-03-27 19:00 - 2014-03-27 19:00 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Malwarebytes
2014-03-27 19:00 - 2014-03-27 19:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 19:00 - 2014-03-27 19:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-27 18:56 - 2014-03-27 18:56 - 03098210 _____ () C:\Users\Max\Downloads\tweaking.com_windows_repair_aio.zip
2014-03-27 16:34 - 2012-11-10 16:11 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000Core.job
2014-03-26 14:37 - 2012-01-18 12:28 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-26 14:37 - 2012-01-11 20:35 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-26 13:47 - 2014-03-26 13:46 - 27998329 _____ () C:\Users\Max\Downloads\WoT_7.5_Sounds.zip
2014-03-26 11:58 - 2012-01-29 01:06 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-03-26 11:57 - 2012-01-03 20:52 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-03-25 21:09 - 2014-03-25 21:09 - 03667522 _____ () C:\Users\Max\Documents\AutoRuns.arn
2014-03-25 21:08 - 2012-06-24 06:46 - 00000000 ___RD () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-25 21:04 - 2014-03-25 21:04 - 00550371 _____ () C:\Users\Max\Downloads\Autoruns.zip
2014-03-25 16:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-24 07:46 - 2013-11-15 13:41 - 00000142 _____ () C:\Users\Max\Downloads\movie1080p.mkv.zip
2014-03-24 07:41 - 2012-05-13 17:20 - 00000000 ____D () C:\Program Files (x86)\Sky-Fighter
2014-03-23 18:18 - 2014-02-13 17:43 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-03-23 18:16 - 2014-03-08 14:49 - 00000000 ____D () C:\Users\Max\AppData\Roaming\IrfanView
2014-03-21 16:57 - 2014-03-21 16:55 - 68950680 _____ (SiSoftware ) C:\Users\Max\Downloads\san2021.exe
2014-03-19 18:05 - 2012-01-15 09:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-03-18 15:23 - 2014-03-18 15:23 - 00249613 _____ () C:\Users\Max\Downloads\nvidiaInspector.zip
2014-03-18 03:02 - 2013-08-16 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 03:00 - 2012-02-19 08:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-14 17:07 - 2014-03-14 17:07 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Awesomium
2014-03-14 10:54 - 2014-03-12 15:08 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-03-14 10:12 - 2014-03-14 10:12 - 00000000 ____D () C:\Users\Max\Documents\Elder Scrolls Online
2014-03-14 10:12 - 2014-03-14 10:12 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-03-14 07:27 - 2012-01-12 13:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-14 07:27 - 2012-01-03 21:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-13 14:07 - 2014-03-13 14:07 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype
2014-03-13 14:07 - 2012-01-03 21:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-13 03:01 - 2012-01-24 18:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 20:08 - 2012-07-02 15:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 20:08 - 2012-07-02 15:10 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 20:08 - 2011-09-15 11:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 15:08 - 2014-03-12 15:07 - 55903624 _____ ( ) C:\Users\Max\Downloads\Install_ESO_Beta.exe
2014-03-11 19:58 - 2014-03-11 19:58 - 00821760 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\NVIDIA SSAA.exe
2014-03-11 19:55 - 2011-09-15 11:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-10 20:47 - 2014-03-10 20:47 - 14325662 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.4_setup.exe
2014-03-10 16:36 - 2014-03-10 16:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\GPU Z - CHIP-Downloader.exe
2014-03-08 14:48 - 2014-03-08 14:48 - 02179728 _____ (Irfan Skiljan) C:\Users\Max\Downloads\iview437g_setup.exe
2014-03-08 14:47 - 2014-03-08 14:47 - 00000000 ____D () C:\Users\Max\AppData\Local\{FAC9F114-4E1C-4369-9DB6-E00183653B16}
2014-03-08 14:47 - 2012-01-21 18:09 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-03-08 14:15 - 2014-03-08 14:14 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-03-08 14:15 - 2012-01-15 17:13 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-03-08 14:14 - 2014-03-08 14:14 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-03-08 14:13 - 2014-03-08 14:13 - 22990573 _____ () C:\Users\Max\Downloads\MSIAfterburnerSetup231.zip
2014-03-08 14:12 - 2014-03-08 14:12 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\MSI Afterburner - CHIP-Downloader.exe
2014-03-08 12:58 - 2014-03-08 12:58 - 00000000 ____D () C:\Program Files (x86)\directx
2014-03-08 12:58 - 2011-09-15 11:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-08 12:53 - 2014-03-08 12:53 - 00000000 ____D () C:\Program Files (x86)\TDK
2014-03-07 14:42 - 2012-01-03 19:08 - 00000000 ____D () C:\Users\Max
2014-03-07 08:58 - 2013-06-15 16:16 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2014-03-06 16:32 - 2013-07-30 22:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Warframe
2014-03-06 15:33 - 2014-03-06 15:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\steamvr
2014-03-04 15:35 - 2014-03-11 19:51 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-11 19:51 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-11 19:51 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2013-12-15 16:51 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2013-07-18 20:28 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2013-07-18 19:12 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2013-07-18 19:12 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2013-07-15 12:47 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2013-07-15 12:47 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 15:35 - 2011-09-15 11:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 15:35 - 2011-09-15 11:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 14:06 - 2011-03-30 09:45 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 14:06 - 2011-03-30 09:44 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 14:05 - 2013-07-15 12:48 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 14:05 - 2011-03-30 09:45 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 14:05 - 2011-03-30 09:45 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 14:05 - 2011-03-30 09:45 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 14:05 - 2011-03-30 09:45 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-11 19:55 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-03 22:33 - 2012-06-20 09:37 - 00000000 ____D () C:\Users\Max\AppData\Local\Adobe
2014-03-03 22:33 - 2012-01-04 09:29 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-03-03 18:23 - 2011-09-15 11:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-03 18:20 - 2014-03-03 18:20 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-03 18:19 - 2012-06-20 09:36 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-03 18:13 - 2014-03-03 18:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uCertify
2014-03-03 18:13 - 2014-03-03 18:13 - 00000000 ____D () C:\Program Files (x86)\uCertify
2014-03-03 18:12 - 2014-03-03 18:12 - 00930952 _____ (CNET Download.com) C:\Users\Max\Downloads\cbsidlm-cbsi183-uCertify__9A0044_ADOBE_ACE_Photoshop_CS2-ORG-10715851.exe
2014-03-03 18:10 - 2014-03-03 18:10 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2014-03-03 16:59 - 2014-03-03 16:50 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Max\Downloads\PS_CS2_Gr_NonRet.exe
2014-02-27 22:38 - 2014-02-27 22:38 - 00092642 _____ () C:\Users\Max\Downloads\91.rar
2014-02-27 21:09 - 2012-02-26 15:31 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-27 18:42 - 2014-02-27 18:42 - 01610309 _____ () C:\Users\Max\Downloads\20140101_2008_germany-E-75_29_el_hallouf.wotreplay
2014-02-27 11:32 - 2014-01-26 20:44 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-27 11:32 - 2013-10-26 07:55 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-27 03:00 - 2011-02-11 18:15 - 01782234 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 23:26 - 2014-02-26 23:26 - 00000000 ____D () C:\Users\Max\AppData\Roaming\puush
2014-02-26 23:26 - 2014-02-26 23:25 - 00000000 ____D () C:\Program Files (x86)\puush
2014-02-26 23:25 - 2014-02-26 23:25 - 01085440 _____ () C:\Users\Max\Downloads\puush.msi
Files to move or delete:
====================
C:\ProgramData\hsdk5313dv.dat
Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Max\AppData\Local\Temp\mbam-setup.exe
C:\Users\Max\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-20 01:09
==================== End Of Log ============================
--- --- --- --- --- --- Ich hoffe, dass ihr mir helfen könnt. Geändert von Bardiel (28.03.2014 um 13:42 Uhr) |
|
28.03.2014, 13:29
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Hi,
__________________Additional.txt fehlt noch.
__________________ |
|
28.03.2014, 13:32
| #3 |
| | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Hier ist das Additional Log:
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Max at 2014-03-28 12:57:55
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - )
18 Wheels of Steel: American Long Haul (HKLM-x32\...\18 Wheels of Steel: American Long Haul) (Version: - ValuSoft)
3D Sound Back Beta0.1 (HKLM-x32\...\{39DB116F-E088-486F-B13C-8925ECE7A6E5}) (Version: 0.1 - Realtek Semiconductor Corp.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
aerofly5 (HKLM-x32\...\aerofly5_is1) (Version: 5.7.1.3 - IPACS)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Armada 2526 Gold (HKLM-x32\...\Armada 2526 Gold) (Version: 1.0.4.1 - Iceberg Interactive)
Armada 2526 Gold (x32 Version: 1.0.4.1 - Iceberg Interactive) Hidden
Artweaver Free 3.1 (HKLM-x32\...\{96A9A1C8-FBAD-4703-ABF1-E93AA8FE85A0}_is1) (Version: 3.1 - Boris Eyrich Software)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
CivCity (HKLM-x32\...\{994E24A6-EC47-4201-8D0B-D4563B7AD66B}) (Version: 1.10.0000 - Firefly Studios)
Combat Wings - Battle of Britain (HKLM-x32\...\cw2_ger_is1) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crashday (HKLM-x32\...\{9C27ADE1-EAFB-4BB7-9FE3-5DD9BA9A3DD2}) (Version: 0 - ATARI)
CustoPackTools (HKLM\...\CustoPackTools) (Version: - neOceane)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
diclovit's mod pack 1.10.4 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 1.10.4 - diclovit)
DIE SIEDLER - Das Erbe der Könige (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Dokan Library 0.6.0 (HKLM-x32\...\DokanLibrary) (Version: - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
EA Download Manager (x32 Version: 4.0.0.396 - Electronic Arts) Hidden
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.20 - Sierra)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version: - Ubisoft Montreal)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free YouTube Download Manager (x32 Version: 1.0.0.4 - Freetec) Hidden
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GDR 1617 für SQL Server 2008 R2 (KB2494088) (64-bit) (HKLM\...\KB2494088) (Version: 10.50.1617.0 - Microsoft Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Ghost Recon Online (NCSA-Live) (HKCU\...\fc418bf9b18f76aa) (Version: 1.34.5072.1 - Ubisoft)
Global Agenda (HKLM-x32\...\Steam App 17020) (Version: - Hi-Rez Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve)
Hard Truck Apocalypse (HKLM-x32\...\Hard Truck Apocalypse_is1) (Version: 1.0 - Buka)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Highway Pursuit v1.1 (HKLM-x32\...\Highway Pursuit_is1) (Version: - Adam Dawes)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.5.3 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) 7 Update 2 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417002FF}) (Version: 7.0.20 - Oracle)
Java(TM) SE Development Kit 7 Update 2 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)
JavaFX 2.0.2 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.2 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
King (HKLM-x32\...\King) (Version: - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - Playdead)
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
MATonline2.1.6.350 (HKLM-x32\...\Mission Against Terror Online_is1) (Version: 2.1.6.350 - Dalian Kingsoft Interactive Entertainment Co., Ltd.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{362A3FDF-B12E-436A-9097-1B795A9FFCC5}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{79FB3E7E-FD92-49A9-AAD1-193EE4CB85D3}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{0E8D886F-3205-4472-848E-990F400FF218}) (Version: 7601 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 15.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 15.0.1 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Naval Warfare (HKLM-x32\...\Steam App 98500) (Version: - Game Distillery s.r.o.)
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.722 - Electronic Arts)
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR)
NETGEAR WG111v3 wireless USB 2.0 adapter (x32 Version: 1.01.10 - NETGEAR) Hidden
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)
NFS Underground (HKLM-x32\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.1 - Frank Heindörfer, Philip Chinery)
Photomizer (HKLM-x32\...\{A00F8237-F496-44D2-0001-E3CCF8CD58AE}) (Version: 1.0.12.229 - Engelmann Media GmbH)
Pirate Galaxy (HKCU\...\Pirate Galaxy) (Version: 1000274.0.0.0 - Splitscreen Studios GmbH)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 Live Test (HKCU\...\SOE-PlanetSide 2 PSG) (Version: - Sony Online Entertainment)
PlanetSide 2 PSG-Livetest (HKCU\...\soe-PlanetSide 2 PSG-Livetest) (Version: 1.0.3.183 - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Race Driver 2 (HKLM-x32\...\InstallShield_{D474A0E8-4421-43C0-BE8E-F454F91E2E2A}) (Version: 1.01.0000 - Codemasters)
Race Driver 2 (x32 Version: 1.01.0000 - Codemasters) Hidden
RAR Password Recovery v1.1 RC16 (remove only) (HKLM-x32\...\Intelore - RAR Password Recovery) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Red Faction Guerrilla (HKLM-x32\...\InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}) (Version: 1.00.0000 - Ihr Firmenname)
Red Faction Guerrilla (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
RollerCoaster Tycoon 2: Time Twister (HKLM-x32\...\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Wacky Worlds (HKLM-x32\...\{B1AD83A0-DC92-41E3-B111-E9472349768C}) (Version: - )
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
Sandboxie 3.74 (64-bit) (HKLM\...\Sandboxie) (Version: 3.74 - SANDBOXIE L.T.D)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.2.0 - Ubisoft)
SimCity 3000 (HKLM-x32\...\SimCity 3000) (Version: - )
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: - )
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.2.10 - PcWinTech.com)
Sky-Fighter (HKLM-x32\...\{5C9EAB5E-84A5-47D4-9065-C29043F6E629}) (Version: 4.5.0.1 - Sky-Network)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SPEEDLINK USB GAMEPAD (HKLM-x32\...\{9C42F308-A660-4445-9269-A740EEDCC1F0}) (Version: 09.28.2009 - SPEEDLINK)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version: - Cryptic Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - )
Supreme Commander - Forged Alliance (HKLM-x32\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version: - Gas Powered Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Basement Collection (HKLM-x32\...\Steam App 214790) (Version: - )
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Thrillville(TM): '07 (HKLM-x32\...\InstallShield_{3BC8D2F1-8CA2-4AF9-99C7-8598AFFDEF8F}) (Version: 1.0.0 - LucasArts)
Thrillville(TM): '07 (x32 Version: 1.0.0 - LucasArts) Hidden
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Tom Clancy's H.A.W.X. 2 (HKLM-x32\...\{76A232AF-B7D6-41A4-B795-6B355E6D32B1}) (Version: 1.0.0 - Ubisoft)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.03 - Ubisoft)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
TrackMania Sunrise Extreme 1.5.1 (HKLM-x32\...\TmSunrise_is1) (Version: - Nadeo)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Vangers (HKLM-x32\...\Vangers) (Version: - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
War Thunder Launcher 1.0.1.252 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version: - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World Racing (HKLM-x32\...\InstallShield_{B151F020-1DEE-4716-944F-2759FC3C51DA}) (Version: 1.01.01 - SYNETIC)
World Racing (x32 Version: 1.01.01 - SYNETIC) Hidden
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 03:34 - 2012-07-07 07:54 - 00000852 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 cadb.nflavor.com
==================== Scheduled Tasks (whitelisted) =============
Task: {0081D51F-01A9-462F-AD25-6B2619DAA744} - System32\Tasks\{B763D317-475A-47DA-B4AD-84BAF9935762} => C:\Users\Max\Desktop\COMANCHE4\DXLAUNCH.EXE
Task: {00FE0DE1-9E7A-405C-A4D8-87491C49D944} - System32\Tasks\{3C6F5C27-CFEE-409E-ADD8-7BC11B3AFB12} => E:\autorun.exe
Task: {05E3E887-605D-4CD4-8484-F214997982DA} - System32\Tasks\{45B667CC-10AB-425E-8F2B-4DDB85F859E6} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {0D888911-8F2E-4F1F-90CD-1C8BC769A0C9} - System32\Tasks\{1773BAB9-2CDB-4972-9766-5DEFD69FCC75} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {159B2DF7-A6E4-4EA7-A5D3-1EF7F07B0628} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {15F92EB9-55F6-407A-ABAD-500C89748C70} - System32\Tasks\{769FE2FB-B1FC-4CFC-A93A-3D3688D6C523} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {19A1C6A9-411D-436E-BBAA-446C488AF799} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000UA => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-10] (Facebook Inc.)
Task: {1BB982D7-FD1A-48A5-B1BB-3C930A7D7A3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {1FCFDE3C-A124-472D-A494-3556D64E2738} - System32\Tasks\{CF9DEC33-F693-4685-809F-92F86AAFC2A5} => C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe [2013-08-03] (Ubisoft)
Task: {29E1F7EE-3A9B-47C1-AA09-2A1289172D40} - System32\Tasks\{B979F3B0-20FC-4EDA-9A9C-F237ECC619F8} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {2A04004D-3DC1-4A18-BE67-5FB882995699} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {2E1452C5-1A04-4209-BD45-016B48B89D02} - System32\Tasks\{BC5F264D-C0DD-4A99-8F5E-FCF9FC5DEA49} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {361BA7FB-7078-49B0-B2CB-BD22A25E39D8} - System32\Tasks\{86DC7745-968D-44E2-970A-E79057E531AA} => E:\Autorun.exe
Task: {368555A5-1EFC-4A1F-8015-69465F935B4B} - System32\Tasks\{ACD97DB0-537D-4E18-AB6F-7C8C821285A5} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {3CB947FE-0066-41FB-80C4-49FD4BAD938F} - System32\Tasks\GenericUpdaterRefreshTask => C:\ProgramData\GboxUpdater\updater.exe
Task: {40740699-FCE7-46C1-9958-648FAEE8813D} - System32\Tasks\{6CB25B3A-B1C8-4E30-B540-542C0A72C976} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {44CA98B5-938D-426F-95A6-FC66F84AA2A4} - System32\Tasks\{355D9A9E-460C-4328-9E25-B7317FD944C7} => E:\autorun.exe
Task: {4628CEE5-9DCA-4627-837C-1941D181D048} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-07-21] (CyberLink)
Task: {4725F50B-61D5-4281-BCB7-E33E7FEA4B4C} - System32\Tasks\{AE77131E-C5F2-46C8-BC27-516625A4DF95} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {4BCE21DC-096B-4FBE-B8D6-4B1615ABA7FA} - System32\Tasks\{A61857F4-B46B-4782-9CA2-B9EB3F45A958} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {51F8989B-1D15-4047-888B-C15365078EB5} - System32\Tasks\{89578BE4-6319-4718-9E25-6F1155201B56} => E:\nfsc.exe
Task: {5A36C6A0-5F23-4244-8C03-DD0222586C44} - System32\Tasks\{1ACC0E35-7D2C-4AA8-A956-0EF3D4C941F6} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {5D94EA0F-B048-48E5-A86B-5B42C678B051} - System32\Tasks\{A344221E-8D70-4225-B92B-881868A5A26A} => C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe [2008-06-13] ()
Task: {5E142CBF-D289-4E2D-8BA5-162C7536123B} - System32\Tasks\{5D1B15DA-E660-4E3F-82EB-883406085F59} => E:\autorun.exe
Task: {5E9F1103-1209-436B-A939-B370F7FC4946} - System32\Tasks\{A8326C83-EA33-4D99-93C8-1EE610717D59} => C:\Program Files (x86)\TrackMania Sunrise\TmSunriseLauncher.exe [2007-02-27] ()
Task: {5FED8F5A-6DBA-40E6-B5E7-D936DAB7E505} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {62A52C53-3206-4E94-BD08-FA2F1682D130} - System32\Tasks\{C298B444-22A0-4E3C-9D26-968C196B92A0} => E:\King.exe
Task: {64B90763-795F-424C-A4F7-149A63D3A8B7} - System32\Tasks\{C9D2DF69-3E6A-4719-9CDC-D868B6AA4150} => E:\nfsc.exe
Task: {66AB139F-369B-4A63-ADCC-054E27F29096} - System32\Tasks\{A06E9492-702A-4CCB-B541-3A94CC9EB1B0} => E:\Autorun.exe
Task: {6EA1AD97-A6F8-48AD-9706-0AB28BD35868} - \Desk 365 RunAsStdUser No Task File
Task: {717D0BFF-B3E0-4B40-B737-8BDB47D31D3F} - System32\Tasks\{9B2EE4B2-A41B-4EA8-ACE4-8AB5B0D33503} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {728C500A-0972-4683-AC52-5FE39F381A6C} - System32\Tasks\{221A2AB9-D5E8-44F9-8B57-2C6E498BA6B9} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {7359E2EC-865A-4475-9136-1B388A7724BD} - System32\Tasks\{5D3C280D-0BB1-411C-BFBC-1612FEDAE279} => C:\Program Files (x86)\Realtek\3D Sound Back Beta0.1\3DSoundBack.exe [2008-07-11] (Realtek Semiconductor Corp.)
Task: {7557C6E2-F3F4-4317-92CF-A22D88C802BD} - \YourFile Update No Task File
Task: {75C6DE84-F8EE-4824-9C29-12F946F3F6A1} - System32\Tasks\{7D9EAB37-AF1A-40AF-AD3B-42440C320E91} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {7855F318-DC23-4362-8DA3-B8B2979B095A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000Core => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-10] (Facebook Inc.)
Task: {7D15E951-C503-4155-BCD3-AF0DD4050547} - System32\Tasks\{1F7BD041-A283-461B-9DEF-6DFB1971C23F} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {7D461944-4FA1-4FFA-8CE3-0E7DFEA2F71F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7EA0CE43-7AB3-4643-B80D-BF533CC6DFB5} - System32\Tasks\eType Setup => C:\Users\Max\AppData\Local\Temp\eType Setup403431.exe <==== ATTENTION
Task: {854BBD57-60FC-4995-A909-98C2ED31FEE6} - System32\Tasks\{6007780A-3D2A-4DCC-822F-6E4D2895240D} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {85A47888-D92A-4856-987B-D2F77A5B6113} - System32\Tasks\{8368656F-1A58-4843-A3D3-210F8CEE718C} => C:\Users\Max\Desktop\SteelDevils_B&WC_Skins_Vers._1.1.exe
Task: {87130F97-C05F-4421-A900-AC9F3D396092} - System32\Tasks\{2E2A09FA-0990-462C-90CF-2DE89251A246} => C:\Users\Max\Desktop\SteelDevils_B&WC_Skins_Vers._1.1.exe
Task: {8FC526CC-8182-4685-9614-6B4299643D59} - System32\Tasks\{D92F65F4-A982-4BBF-B868-37A8285E1DD3} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {9199A963-21B4-44CC-AADD-1C339657B52C} - System32\Tasks\{9CD9A9E5-6A7D-47AD-BE2C-6592AFB9A11A} => C:\Program Files (x86)\TrackMania Sunrise\TmSunriseLauncher.exe [2007-02-27] ()
Task: {91AE74A3-E14A-4F19-921B-611803477544} - System32\Tasks\{4FE9F413-3968-47A7-862A-63EC4D3E10CE} => E:\nfsc.exe
Task: {9300A768-4C11-4024-B9F7-90C0E7F3F912} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {94ECE977-4C76-4B29-AA1C-7542DE82FD69} - System32\Tasks\GenericUpdaterLogonTask => C:\ProgramData\GboxUpdater\updater.exe
Task: {9869E2E5-F3CE-4CDD-9960-CFD23978E8BA} - \DealPly No Task File
Task: {98DB0300-1B12-4C15-B050-4FF662D9F53C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9AEF5BE6-28E3-4DBE-9838-F173AF661845} - System32\Tasks\{E26BF86A-0960-4658-915C-2755346CA313} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {9B8FC07D-48AA-4E2E-9311-C5ADB5FE05B8} - System32\Tasks\{68FAB595-7D7D-4AD2-A25A-49DC04AA2598} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {9D3CA80D-BAD7-4F6A-BE23-967112AB22D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {9DA2BFC4-4B04-49CD-8C1A-43ADBD91F3B4} - \Software Updater No Task File
Task: {AC21489C-5155-4589-9798-F2BA10F3454F} - System32\Tasks\{D42B591A-380A-4750-A1A6-0B2F22D12A34} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {AD89D5CD-9FE1-41C3-81F6-1E212EC83B06} - System32\Tasks\{1F88CADD-F2C4-49C8-B54A-3D89E14AE83B} => C:\Program Files (x86)\TrackMania Sunrise\TmSunriseLauncher.exe [2007-02-27] ()
Task: {ADE4F06A-95E4-4E67-A4EB-EB428DFA5F62} - System32\Tasks\{9EA0C920-5B8D-4930-AD4E-21C0E9DA7E0B} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {B627F19A-EC31-4094-B448-81F6BA9A5468} - System32\Tasks\{4DAB5313-0320-4A3E-A869-BD5B853B3009} => C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe [2008-06-13] ()
Task: {B6368A84-62E2-43F9-BCD3-414E854AD856} - System32\Tasks\{13529B8D-B01E-4839-9862-7E1A7467A80A} => C:\Program Files (x86)\HighwayPursuit\HighwayPursuit.exe [2005-01-05] (adamdawes.com/Retrospec)
Task: {C0C9865E-6DA0-4250-B828-CAFE6D8BDCE9} - System32\Tasks\{F20FCA24-26FE-4963-BFFF-BE0D8263F45A} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {C14ED28E-1E99-4412-AB50-0EB3FCC63F06} - System32\Tasks\{4F7636A0-050B-406A-B32F-31AADF1B5C11} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {C49F089C-82AB-43FE-A32B-016360B2201B} - System32\Tasks\{66872E5A-4BC1-49F7-91A0-CB46E328C881} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {C4C0FA04-DB91-457A-B628-9E654DFCA3BE} - System32\Tasks\{7D630486-E1DD-43A9-AF69-8362A55B39F0} => E:\Autorun.exe
Task: {CF28D493-A89F-4276-8C62-1CBD12238907} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {D4087B10-02CB-4F7E-8C6C-689219814A65} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {D5ED738A-4CA0-4252-973C-0BF8F1F9C994} - System32\Tasks\{EC42ADF9-C65F-402E-A35F-59F71C9BF450} => C:\I-Magic\Vangers\road.exe [1998-10-08] ()
Task: {DA550CB1-264B-4E1C-9751-23786638855D} - System32\Tasks\{58FADB18-7366-47D9-A022-4BD74029952F} => C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe [2008-06-13] ()
Task: {E8A49AE1-FDCB-41DC-86A6-7DBB07A31DF9} - System32\Tasks\{F3AA2B9F-D719-46A6-9330-585ED8661DD6} => E:\nfsc.exe
Task: {E993E266-3455-4C77-989E-F885C25BF9CE} - System32\Tasks\HPCeeScheduleForMax => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {ECEA4EAE-F2AC-4DD2-BFFD-A92DEB05543E} - System32\Tasks\{152C6334-2CBA-4D7D-8117-286399F8C924} => C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RCT2.EXE [2002-09-16] ()
Task: {EE15045D-19A5-447E-8F4C-C5F70F396EF7} - System32\Tasks\{A1B6FF27-EDAB-4E99-99D5-C93751255951} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: {F15203FC-43D1-4600-93D8-81518870986A} - System32\Tasks\{74118FBD-CC18-40A6-9C3A-AA2E461B14FB} => C:\Program Files (x86)\Codemasters\Race Driver 2\sfdrvup.exe [2012-12-21] (Protection Technology (StarForce))
Task: {F235DD52-3E50-4392-B0B4-0305B027A8AC} - System32\Tasks\{61FA4950-89A7-4174-AC2E-674517BF227D} => C:\Program Files (x86)\TrackMania Sunrise\TmSunriseLauncher.exe [2007-02-27] ()
Task: {F552D8A9-B201-4E89-A8CA-9569B763B4D5} - \Software Updater Ui No Task File
Task: {F9FA645E-3FC4-45CC-A187-0E3BA0DA0814} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {FB91F3D7-1749-4417-9FBC-00F4B40A35D7} - System32\Tasks\{27AE84A6-4B6B-460D-9D24-151138D766ED} => C:\Program Files (x86)\Buka\Hard Truck Apocalypse\hta.exe [2006-01-19] (Targem)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000Core.job => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000UA.job => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GenericUpdaterLogonTask.job => C:\ProgramData\GboxUpdater\updater.exe
Task: C:\Windows\Tasks\GenericUpdaterRefreshTask.job => C:\ProgramData\GboxUpdater\updater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMax.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2013-07-15 12:48 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-12 20:39 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-01-10 13:49 - 2011-01-10 13:49 - 00014848 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2014-01-26 20:44 - 2014-01-26 20:44 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-01-10 14:41 - 2014-02-26 23:26 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2012-08-17 20:39 - 2013-05-10 22:52 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2014-03-15 18:40 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 18:40 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 18:40 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 18:40 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 18:40 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 18:40 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-01-08 16:13 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 16:13 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-12 17:10 - 2014-02-11 03:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-01-15 09:17 - 2014-02-25 22:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-01-15 09:17 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-18 15:43 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-18 15:43 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-18 15:43 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:AD022376
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
==================== Faulty Device Manager Devices =============
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #3
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/28/2014 10:31:31 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_LanmanServer, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: SSCORE.DLL, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000146d
ID des fehlerhaften Prozesses: 0x440
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_LanmanServer0
Pfad der fehlerhaften Anwendung: svchost.exe_LanmanServer1
Pfad des fehlerhaften Moduls: svchost.exe_LanmanServer2
Berichtskennung: svchost.exe_LanmanServer3
Error: (03/28/2014 10:30:18 AM) (Source: ESENT) (User: )
Description: taskhost (1880) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Max\AppData\Local\Microsoft\Windows\WebCache\V0100002.log.
System errors:
=============
Error: (03/28/2014 00:57:10 PM) (Source: nvlddmkm) (User: )
Description: \Device\Video715b0(1f3c) 00000000 00000000
Error: (03/28/2014 00:57:07 PM) (Source: nvlddmkm) (User: )
Description: \Device\Video715b0(1f48) 00000000 00000000
Error: (03/28/2014 00:48:18 PM) (Source: nvlddmkm) (User: )
Description: \Device\Video715b0(1f48) 00000000 00000000
Error: (03/28/2014 00:24:20 PM) (Source: nvlddmkm) (User: )
Description: \Device\Video715b0(1f48) 00000000 00000000
Error: (03/28/2014 00:11:45 PM) (Source: nvlddmkm) (User: )
Description: \Device\Video715b0(1f3c) 00000000 00000000
Error: (03/28/2014 10:33:43 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (03/28/2014 10:33:43 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "RAS-Verbindungsverwaltung" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (03/28/2014 10:33:43 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (03/28/2014 10:32:42 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (03/28/2014 10:31:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" wurde mit folgendem Fehler beendet:
%%13876
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-03-28 03:37:31.369
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-28 03:37:31.367
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-28 03:37:31.366
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-28 03:37:31.354
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-28 03:37:31.353
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-28 03:37:31.351
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-26 06:49:44.440
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-26 06:49:44.438
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-26 06:49:44.437
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-26 06:49:44.404
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 8172.83 MB
Available physical RAM: 5223.88 MB
Total Pagefile: 20171.01 MB
Available Pagefile: 16517.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.4 GB) (Free:262.26 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.01 GB) (Free:1.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FAF06210)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
29.03.2014, 09:30
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.03.2014, 11:45
| #5 |
| | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Danke für die Antwort und weiteren Anweisungen, hier ist die Logfile: Combofix Logfile: Code:
ATTFilter ComboFix 14-03-24.01 - Max 29.03.2014 11:24:28.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8173.5663 [GMT 1:00]
ausgeführt von:: c:\users\Max\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Launcher.exe
c:\programdata\3b3c23313d3c363e28_c
c:\users\Max\AppData\Roaming\Microsoft\Windows\Templates\VideoSpin_2_0_Setup.exe
c:\users\Max\AppData\Roaming\Secure-Soft Stealer
c:\windows\IsUn0407.exe
c:\windows\SysWow64\DEBUG.log
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-02-28 bis 2014-03-29 ))))))))))))))))))))))))))))))
.
.
2014-03-29 10:33 . 2014-03-29 10:33 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-03-29 10:33 . 2014-03-29 10:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-29 02:00 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-29 02:00 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-03-28 21:02 . 2014-03-29 02:22 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{85114B01-7A82-455F-B521-1B4B2F37EE25}\offreg.dll
2014-03-28 12:57 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{85114B01-7A82-455F-B521-1B4B2F37EE25}\mpengine.dll
2014-03-28 11:57 . 2014-03-28 11:58 -------- d-----w- C:\FRST
2014-03-28 06:58 . 2014-03-28 06:59 -------- d-----w- c:\program files (x86)\Windows Mail
2014-03-27 23:08 . 2014-03-27 23:11 -------- d-----w- C:\AdwCleaner
2014-03-27 22:55 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-03-27 22:14 . 2014-03-27 22:30 -------- d-----w- c:\programdata\SecTaskMan
2014-03-27 22:14 . 2014-03-27 22:14 -------- d-----w- c:\program files (x86)\Security Task Manager
2014-03-27 18:00 . 2014-03-27 18:00 -------- d-----w- c:\users\Max\AppData\Roaming\Malwarebytes
2014-03-27 18:00 . 2014-03-27 18:00 -------- d-----w- c:\programdata\Malwarebytes
2014-03-27 18:00 . 2014-03-27 18:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-27 18:00 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-14 16:07 . 2014-03-14 16:07 -------- d-----w- c:\users\Max\AppData\Roaming\Awesomium
2014-03-14 09:12 . 2014-03-14 09:12 -------- d-----w- c:\programdata\Elder Scrolls Online
2014-03-13 13:07 . 2014-03-13 13:07 -------- d-----w- c:\users\Max\AppData\Local\Skype
2014-03-13 13:07 . 2014-03-13 13:07 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-03-12 14:08 . 2014-03-14 09:54 -------- d-----w- c:\program files (x86)\Zenimax Online
2014-03-12 13:22 . 2014-02-07 01:23 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-03-12 13:22 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-12 13:22 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-12 13:22 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-12 13:22 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-03-12 13:22 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-03-12 13:22 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-03-12 13:22 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-11 18:55 . 2014-03-04 11:32 599840 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-03-08 13:49 . 2014-03-23 17:16 -------- d-----w- c:\users\Max\AppData\Roaming\IrfanView
2014-03-08 13:14 . 2014-03-08 13:15 -------- d-----w- c:\program files (x86)\MSI Afterburner
2014-03-08 11:58 . 2014-03-08 11:58 -------- d-----w- c:\program files (x86)\directx
2014-03-08 11:53 . 2014-03-08 11:53 -------- d-----w- c:\program files (x86)\TDK
2014-03-06 14:33 . 2014-03-06 14:33 -------- d-----w- c:\users\Max\AppData\Roaming\steamvr
2014-03-03 17:20 . 2014-03-03 17:20 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared
2014-03-03 17:13 . 2014-03-03 17:13 -------- d-----w- c:\program files (x86)\uCertify
2014-03-03 17:10 . 2014-03-03 17:10 -------- d-----w- C:\PS_CS2_Gr_NonRet
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-18 02:00 . 2012-02-19 07:33 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-12 19:08 . 2012-07-02 14:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-12 19:08 . 2011-09-15 10:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 14:35 . 2013-12-15 15:51 9728064 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-03-04 14:35 . 2013-07-18 19:28 15783992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-03-04 14:35 . 2013-07-18 18:12 18302384 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-03-04 14:35 . 2013-07-18 18:12 14709720 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2013-07-15 11:47 947808 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-03-04 14:35 . 2013-07-15 11:47 2715264 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-03-04 14:35 . 2011-09-15 10:35 3093280 ----a-w- c:\windows\system32\nvapi64.dll
2014-03-04 13:06 . 2011-03-30 08:45 6714312 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2011-03-30 08:44 3497816 ----a-w- c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2011-03-30 08:45 922968 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2011-03-30 08:45 64968 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2011-03-30 08:45 2558808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2011-03-30 08:45 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-03-04 13:05 . 2013-07-15 11:48 3649185 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-27 10:32 . 2014-01-26 19:44 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-27 10:32 . 2013-10-26 06:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-26 19:44 . 2014-01-26 19:44 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-26 19:44 . 2014-01-26 19:44 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-01-21 02:54 . 2013-10-29 18:25 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-21 02:54 . 2013-10-29 18:25 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-16 02:23 . 2014-01-16 02:23 0 ----a-w- c:\windows\SysWow64\sho2C0E.tmp
2014-01-15 23:13 . 2014-02-12 20:35 1885472 ----a-w- c:\windows\system32\nvdispco6433467.dll
2014-01-15 23:13 . 2014-02-12 20:35 1515296 ----a-w- c:\windows\system32\nvdispgenco6433467.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"puush"="c:\program files (x86)\puush\puush.exe" [2014-02-26 567880]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2013-10-10 356128]
.
c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"RequireSignedAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 AVEO;STARTEC UVC Driver;c:\windows\system32\DRIVERS\AVEOdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\AVEOdcnt.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RtlProt;RtlProt;c:\windows\System32\Drivers\RtlProt.sys;c:\windows\SYSNATIVE\Drivers\RtlProt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0150.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys;c:\windows\SYSNATIVE\drivers\dokan.sys [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys;c:\windows\SYSNATIVE\DRIVERS\wg111v3.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\AutorunsDisabled\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 17:39 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-02 19:08]
.
2014-03-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000Core.job
- c:\users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-10 15:29]
.
2014-03-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000UA.job
- c:\users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-10 15:29]
.
2014-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 17:34]
.
2014-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 17:34]
.
2014-03-27 c:\windows\Tasks\HPCeeScheduleForMax.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-03-25 21720]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube to MP3 Converter - c:\users\Max\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default\
FF - prefs.js: network.proxy.type - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-!{26647ca4-a2a7-4eac-8a72-761aa9141de7} - (no file)
Toolbar-!{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - (no file)
Toolbar-!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - (no file)
Toolbar-!{707db484-2428-402d-afb5-d85b387544c7} - (no file)
Toolbar-!{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-!{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
Toolbar-!{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
Toolbar-!{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - (no file)
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-!{26647ca4-a2a7-4eac-8a72-761aa9141de7} - (no file)
Toolbar-!{707db484-2428-402d-afb5-d85b387544c7} - (no file)
Toolbar-!{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-!{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
Toolbar-10 - (no file)
WebBrowser-{26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - (no file)
WebBrowser-{474DCBF4-0DB1-4C6A-A014-1C2544E82698} - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
WebBrowser-{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - (no file)
AddRemove-SimCity 3000 - c:\windows\IsUn0407.exe
AddRemove-Vangers - c:\windows\IsUn0407.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-252815299-2609012233-3364361215-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:79,49,96,a1,5c,2c,7e,db,71,66,98,63,d9,3f,c5,f0,88,03,81,43,93,aa,f5,
ed,9c,98,b8,7f,01,b2,d0,14,7f,9a,13,fc,f9,45,fe,99,59,4f,25,b7,aa,51,eb,4c,\
"??"=hex:d2,a9,5a,15,2d,00,66,06,5b,ab,00,a7,72,bf,fc,48
.
[HKEY_USERS\S-1-5-21-252815299-2609012233-3364361215-1000\Software\SecuROM\License information*]
"datasecu"=hex:dc,cd,37,fe,e2,9b,97,69,a6,81,88,f6,6f,a6,bf,0f,82,c8,b4,be,b0,
55,88,1f,9a,30,3f,a9,f3,76,e2,f6,6c,db,29,91,3d,2c,d1,49,3f,51,2e,c0,39,76,\
"rkeysecu"=hex:b5,f4,76,65,a8,5c,b7,74,44,71,03,2e,77,f3,68,7d
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-03-29 11:44:20
ComboFix-quarantined-files.txt 2014-03-29 10:44
.
Vor Suchlauf: 30 Verzeichnis(se), 260.978.089.984 Bytes frei
Nach Suchlauf: 40 Verzeichnis(se), 264.345.997.312 Bytes frei
.
- - End Of File - - 5CF7FEFDA765E8DEC6391B4FC2A6B5C6
|
|
30.03.2014, 07:08
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze |
|
30.03.2014, 09:53
| #7 |
| | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Danke für die Anweisungen. Hier das AdwCleaner Log: Code:
ATTFilter # AdwCleaner v3.022 - Bericht erstellt am 30/03/2014 um 10:02:55
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Max - SUPERNOVA
# Gestartet von : C:\Users\Max\Desktop\adwcleaner (1).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\Users\Max\AppData\Local\Temp\Uninstall.exe
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Mozilla Firefox v15.0.1 (de)
[ Datei : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default\prefs.js ]
-\\ Google Chrome v33.0.1750.154
[ Datei : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [20189 octets] - [28/03/2014 01:08:52]
AdwCleaner[R1].txt - [1115 octets] - [30/03/2014 09:57:32]
AdwCleaner[S0].txt - [18063 octets] - [28/03/2014 01:11:02]
AdwCleaner[S1].txt - [1037 octets] - [30/03/2014 10:02:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1097 octets] ##########
MABM-Log: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 30.03.2014 Suchlauf-Zeit: 10:34:09 Logdatei: MalwarebyitesLog1.txt Administrator: Ja Version: 2.00.0.1000 Malware Datenbank: v2014.03.30.02 Rootkit Datenbank: v2014.03.27.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Max Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 293842 Verstrichene Zeit: 19 Min, 23 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 2 PUP.Optional.Iminent.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [c7395aa623dd07f9dcb268ff8d7502fe], PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, In Quarantäne, [21df9070fd038e72807ba4dfe61d6b95], Registrierungswerte: 1 PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, In Quarantäne, [21df9070fd038e72807ba4dfe61d6b95], Registrierungsdaten: 0 (No malicious items detected) Ordner: 18 PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\el-GR, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-BR, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\tr-TR, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\Themes, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], Dateien: 310 PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.AVConverter.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSiTunes.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.iTunes.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.MediaTagsEditor.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.PresetEditor.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.Presets.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.Resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.RockIdHelper.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.TaskbarManager.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.VideoFileToIPOD.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.xml, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3ConverterProfile.xml, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3ConverterProfileD.xml, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\taglib-sharp.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.dat, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\el-GR\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\el-GR\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\el-GR\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\el-GR\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\el-GR\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-BR\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-BR\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-BR\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-BR\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-BR\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\tr-TR\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\tr-TR\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\tr-TR\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\tr-TR\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\tr-TR\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\DVDVideoSoft.AppFx.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\DVDVideoSoft.DialogForms.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\DVDVideoSoft.PresetEditor.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\DVDVideoSoft.Resources.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\FreeYouTubeToMP3Converter.resources.dll, In Quarantäne, [ad53847c12ee00003e4cbc9be51ddb25], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\FreeYouTubeToMP3ConverterProfile.xml, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Also Sprach Zarathustra, Op. 30 - Strauss(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Also Sprach Zarathustra, Op. 30 - Strauss(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Avengers NICE synchro von Coldmirror(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Avengers NICE synchro von Coldmirror(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Black Sun Empire - Hyper Sun(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Black Sun Empire - Hyper Sun(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Cypress Hill - Insane in the Membrane(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Cypress Hill - Insane in the Membrane(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Defiant - Powerful Effect(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Defiant - Powerful Effect(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Droideka - Clan War(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Droideka - Clan War(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Droideka - Ghetto Funk(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Knife Party - Fire Hive (Krewella Remix) [Dubstep](1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Knife Party - Fire Hive (Krewella Remix) [Dubstep](2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Knife Party - Fire Hive(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Knife Party - Fire Hive(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Knife Party - Fire Hive(3).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Knife Party - Fire Hive(4).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Metrik - Freefall (Ft. Reija Lee)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Metrik - Freefall (Ft. Reija Lee)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Metrik - Zero Gravity(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Metrik - Zero Gravity(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Miss Marple Theme(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Miss Marple Theme(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Netsky - Everyday(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Netsky - Everyday(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Netsky - Memory Lane(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Netsky - Memory Lane(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Netsky - Prisma(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Novexus - Dark Mystery(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Novexus - Dark Mystery(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Oomph! - No Heart no Pain(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Oomph! - No Heart no Pain(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\OOMPH!! - Der Neue Gott(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\OOMPH!! - Der Neue Gott(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Painkiller - Freestylers ft. Pendulum (Noisia Remix)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Painkiller - Freestylers ft. Pendulum (Noisia Remix)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Painkiller - Moonlight(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Another Planet(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Another Planet(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Crush(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Crush(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Droideka - Ghetto Funk(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Out Of The Dark(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Tout est Perplexe (Theme Q)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Feindflug - Selbstsucht(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Knife Party - 'LRAD' - OUT NOW(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Netsky - Prisma(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Painkiller - Moonlight(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Distress Signal(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum fasten your seatbelts(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Amerika Limited Edition HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Donaukinder (HQ)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Ich Tu Dir Weh HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Mein Herz Brennt Limited Edition HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Wiener Blut(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Richard Wagner Götterdämmerung Siegfrieds Rheinfahrt _ Rhine Journey _ Classical Music(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Skillet- Hero (lyrics)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Ich Tu Dir Weh HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Ich Will(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Ich Will(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Keine Lust Limited Edition HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Keine Lust Limited Edition HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Küss Mich HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Küss Mich HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Links 2 3 4 Official Video(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Links 2 3 4 Official Video(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Los Limited Edition HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Los Limited Edition HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Mann gegen Mann ( +lyrics)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Mann gegen Mann ( +lyrics)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Mein Herz Brennt Limited Edition HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Zerstören(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Zerstören(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Zwitter(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Zwitter(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein Klavier(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein Klavier(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Reporter leben Gefährlich(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Reporter leben Gefährlich(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Trust(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Trust(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\evangelion soundtrack 2.0( The Final Decision We All Must Take ).avi(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\evangelion soundtrack 2.0( The Final Decision We All Must Take ).avi(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Far Cry 3 Soundtrack - Make it Bun Dem (Drug field song) [HQ](1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Far Cry 3 Soundtrack - Make it Bun Dem (Drug field song) [HQ](2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Distress Signal(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Spiral [HD](1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Spiral [HD](2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum - the vulture(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum - the vulture(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Toxic Shock [HD](1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Pendulum - Toxic Shock [HD](2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Amerika Limited Edition HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Benzin HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Benzin HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Bestrafe Mich HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Bestrafe Mich HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Bück Dich HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Bück Dich HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Bückstabü(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Bückstabü(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Dalai Lama HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Dalai Lama HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Der meister [HQ] English lyrics(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Der meister [HQ] English lyrics(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum fasten your seatbelts(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum_ girl in the fire(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum_ girl in the fire(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum_ the terminal(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum_ the terminal(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum_ through the loop(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\pendulum_ through the loop(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Skillet - Monster official video(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Skillet - Monster official video(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Skillet - Rebirthing (Official Music Video HD) Lyrics, Subtitulado(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Skillet - Rebirthing (Official Music Video HD) Lyrics, Subtitulado(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Skillet - Whispers In The Dark [HQ](1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Skillet - Whispers In The Dark [HQ](2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Rammlied HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Rammlied HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Rosenrot [HQ] [HD](1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Rosenrot [HQ] [HD](2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Rosenrot(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Rosenrot(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Sehnsucht HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Sehnsucht HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Sonne (Official Video)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Sonne (Official Video)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Spiel Mit Mir HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Spiel Mit Mir HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Tier HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Tier HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Wiener Blut(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Droideka - Human Error(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Droideka - Human Error(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Drowning Pool - Sermon(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Drowning Pool - Sermon(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Dubstep _ ByeByeCopyright - Droideka - Fire(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Dubstep _ ByeByeCopyright - Droideka - Fire(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Ernst Krenek_ Concerto Grosso n.2 op.25 (1924)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Ernst Krenek_ Concerto Grosso n.2 op.25 (1924)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Ernst Krenek_ String Quartet No.4 Op.24 (1923)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Ernst Krenek_ String Quartet No.4 Op.24 (1923)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Ernst Krenek_ Symphonie fur blasinstrumente und Schlagwerk op.34 (1924_25)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Ernst Krenek_ Symphonie fur blasinstrumente und Schlagwerk op.34 (1924_25)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Betrayal(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Betrayal(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Dark Defender(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Dark Defender(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Gods Gift(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Gods Gift(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Gods Message(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Gods Message(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - It will mean Victory(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - It will mean Victory(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - L'Apotre de la Lune (orchestre cordes)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - L'Apotre de la Lune (orchestre cordes)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - L'Apotre de la Lune(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - L'Apotre de la Lune(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Out Of The Dark(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Donaukinder (HQ)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Du Hast HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Du Hast HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Du Riechst So Gut Deluxe Edition HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Du Riechst So Gut Deluxe Edition HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Eifersucht HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Eifersucht HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Engel HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Engel HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Feuer Frei ! Limited Edition HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Feuer Frei ! Limited Edition HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Haifisch HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Haifisch HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Skillet- Hero (lyrics)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Speed Painting. Ferdinand. RanZar. Ð*андомнÑ?е Ð?аÑ?иÑовки.(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Speed Painting. Ferdinand. RanZar. Ð*андомнÑ?е Ð?аÑ?иÑовки.(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\sweet dreams(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\sweet dreams(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\This is how we do it - Montell Jordan with lyrics(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\This is how we do it - Montell Jordan with lyrics(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\VANGELIS - Conquest of Paradise.HD(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\VANGELIS - Conquest of Paradise.HD(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\ã?±ã?´ã?¡ã?³ã?²ã?ªã?²ã?³æ?°å??å*´ç??ï¼?ç*´ã??ã?µã?³ã??ã?©ã??20 Sin From Genesis(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\ã?±ã?´ã?¡ã?³ã?²ã?ªã?²ã?³æ?°å??å*´ç??ï¼?ç*´ã??ã?µã?³ã??ã?©ã??20 Sin From Genesis(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\ã?±ã?´ã?¡ã?³ã?²ã?ªã?²ã?³æ?°å??å*´ç??ï¼?ç*´ã??ã?µã?³ã??ã?©ã??5ã??Destiny(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\ã?±ã?´ã?¡ã?³ã?²ã?ªã?²ã?³æ?°å??å*´ç??ï¼?ç*´ã??ã?µã?³ã??ã?©ã??5ã??Destiny(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Feindflug - Selbstsucht(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Feindflug - Wintergedanken [Spekulatius Mix](1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Feindflug - Wintergedanken [Spekulatius Mix](2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\History.xml, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Knife Party - 'LRAD' - OUT NOW(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Alter Mann HQ(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Rammstein - Alter Mann HQ(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Peaceful Times (choeur)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Peaceful Times (choeur)(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Quatre Mains(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Quatre Mains(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Qui veut fair l'ange fait la bete(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Qui veut fair l'ange fait la bete(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Return to Ash(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Return to Ash(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Scarred and Battled(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Scarred and Battled(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - The Anthem(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - The Anthem(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - The Ultimate Soldier(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - The Ultimate Soldier(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - The Wrath of God in All its Fury(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - The Wrath of God in All its Fury(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Evangelion 3.0 OST - Tout est Perplexe (Theme Q)(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Richard Wagner Götterdämmerung Siegfrieds Rheinfahrt _ Rhine Journey _ Classical Music(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Schulhoff - 5 Etudes de Jazz(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Schulhoff - 5 Etudes de Jazz(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Schulhoff - Fünf Pittoresken(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Schulhoff - Fünf Pittoresken(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\SIMPLY RED - STARS(1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\SIMPLY RED - STARS(2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Simply Red - Sunrise [HD](1).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], PUP.Optional.DVDVideoSoft.A, C:\Users\Max\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Simply Red - Sunrise [HD](2).png, In Quarantäne, [a35dfb058a76768a503c0354bf43847c], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Max on 30.03.2014 at 10:38:17,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-252815299-2609012233-3364361215-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasmancs
Successfully deleted: [Registry Key] HKEY_USERS\.DEFAULT\Software\bProtector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{71B15D21-1CAB-4589-9EED-99B186FEF4FF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{753E1201-5CEA-41AD-88EA-DD3D2E810D7D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BC6950A-1E45-43B5-B296-14D031C2FF0B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FAD9379F-F361-4ADB-B5B8-311DFEC6BB94}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{71B15D21-1CAB-4589-9EED-99B186FEF4FF}
~~~ Files
Successfully deleted: [File] C:\Windows\syswow64\sho18DE.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2AB7.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2C0E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho35F6.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3D19.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3F8B.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4598.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6164.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho62C8.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho81CC.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9C5B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA668.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB8D7.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDF.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE7EB.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEDD7.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF7C8.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Max\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Max\AppData\Roaming\sweetpacks"
Successfully deleted: [Folder] "C:\Users\Max\appdata\local\appshat mobile apps"
Successfully deleted: [Folder] "C:\Users\Max\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Max\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\sprotector"
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{08BEBE70-D394-404B-80B5-5544C47ED2F8}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{0C619ECF-4EF4-4F44-83A7-71797D21DC2F}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{322B0AFB-D505-4B7A-9739-F4D0BBF92C47}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{4265880A-B7F8-4CAC-A078-F66BEDE29390}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{4413FE6A-9E97-42F9-A13C-D47E64B5D5EE}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{581A0FC3-10C1-48C2-863F-BEA16E225D36}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{7FD81FE0-1FA5-40CA-B593-018D01695A08}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{8768ACA3-FDC6-4E92-B804-BD626AC712C9}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{87EBD95C-17A4-46C8-9240-A073EC68FCD2}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{89CC52FB-ADDF-4838-A840-F691F97F1FEA}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{B49BC537-5556-465F-8129-37D81E6DFE89}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{FAC9F114-4E1C-4369-9DB6-E00183653B16}
~~~ FireFox
Emptied folder: C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\kjfzlluk.default\minidumps [11 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.03.2014 at 10:44:20,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
30.03.2014, 09:54
| #8 |
| | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze FRST-Log: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Max (administrator) on SUPERNOVA on 30-03-2014 10:46:54 Running from C:\Users\Max\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (SafeNet Inc.) C:\Windows\system32\hasplms.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe () C:\Program Files (x86)\puush\puush.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Wargaming.net) C:\Games\World_of_Tanks\WorldOfTanks.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\WORDPAD.EXE (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe" "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware " [54072 2014-03-05] (Malwarebytes Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2014-02-27] () HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Policies\system: [DisableChangePassword] 0 Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {71B15D21-1CAB-4589-9EED-99B186FEF4FF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKCU - {42D7884D-418B-496B-8C5E-FE39C4AF6E01} URL = hxxp://de.search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=827316&ilc=12&p={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKLM-x32 - No Name - !{26647ca4-a2a7-4eac-8a72-761aa9141de7} - No File Toolbar: HKLM-x32 - No Name - !{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File Toolbar: HKLM-x32 - No Name - !{707db484-2428-402d-afb5-d85b387544c7} - No File Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM-x32 - No Name - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File Toolbar: HKLM-x32 - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - No File Toolbar: HKCU - No Name - {474DCBF4-0DB1-4C6A-A014-1C2544E82698} - No File Toolbar: HKCU - No Name - {707DB484-2428-402D-AFB5-D85B387544C7} - No File Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-15] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @java.com/DTPlugin,version=10.2.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.2.1 - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-25] FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-18] FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-05-08] FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-05-08] FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2012-09-19] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-05-10] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-05-10] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-05-10] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-05-10] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-05-10] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Extension: (ProxTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2012-08-25] CHR Extension: (Max - Tom) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\afojndljdhnnonodcgbpkadmmmenpalp [2014-01-31] CHR Extension: (Angry Birds) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-10-19] CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-10] CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-10] CHR Extension: (Umineko No Naku Koro Ni) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenhmdbdlikfoghldekhnfgkmdffojdk [2013-09-23] CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-10] CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-26] CHR Extension: (AdBlock) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-24] CHR Extension: (Dragon - Max) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkhngagbpeeckkcchocjacbginlafhne [2013-08-08] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-03-26] CHR Extension: (Konochan) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoomppjijcipepcjaeeboagogoajocjh [2013-09-23] CHR Extension: (Virtuelle Tastatur) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-26] CHR Extension: (Website Logon) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe [2014-03-26] CHR Extension: (Skype Click to Call) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-16] CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-03-26] CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Mein Chrome-Design) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-07-14] CHR Extension: (Max - Rammstein (1)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogleioplphbkikodongmejkafhakhbeh [2014-02-12] CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-10] CHR Extension: (Anti-Banner) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-03-26] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Max\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-30] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18] CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-03-03] (Adobe Systems) S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation) R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () R2 hasplms; C:\Windows\system32\hasplms.exe [4889032 2011-12-30] (SafeNet Inc.) R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [61916000 2011-04-24] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-26] () R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-08-25] (SANDBOXIE L.T.D) S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [428384 2011-04-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) U0 auxtos; C:\Windows\System32\drivers\garx.sys [79064 2014-03-30] (Malwarebytes Corporation) S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO) R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-05-11] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-10] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-11] (Kaspersky Lab ZAO) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-03-30] (Malwarebytes Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-09-15] () S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [70400 2004-04-08] (Protection Technology) S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-08-25] (SANDBOXIE L.T.D) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X] S3 RtlProt; \??\C:\Windows\System32\Drivers\RtlProt.sys [X] S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-30 10:44 - 2014-03-30 10:44 - 00004715 _____ () C:\Users\Max\Desktop\JRT.txt 2014-03-30 10:34 - 2014-03-30 10:34 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\garx.sys 2014-03-30 10:13 - 2014-03-30 10:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-30 10:13 - 2014-03-30 10:13 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-30 10:13 - 2014-03-30 10:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-03-30 10:13 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-30 10:13 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-30 10:12 - 2014-03-30 10:12 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.0.1000.exe 2014-03-30 10:12 - 2014-03-30 10:12 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Max\Desktop\mbam-setup-2.0.0.1000.exe 2014-03-30 10:05 - 2014-03-30 10:05 - 00135552 _____ () C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-30 10:04 - 2014-03-30 10:05 - 00000168 _____ () C:\Windows\setupact.log 2014-03-30 10:04 - 2014-03-30 10:04 - 00000000 _____ () C:\Windows\setuperr.log 2014-03-30 10:03 - 2014-03-30 10:06 - 05140176 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-30 09:56 - 2014-03-30 09:54 - 01038974 _____ (Thisisu) C:\Users\Max\Desktop\JRT.exe 2014-03-30 09:55 - 2014-03-30 09:54 - 01950720 _____ () C:\Users\Max\Desktop\adwcleaner (1).exe 2014-03-30 09:54 - 2014-03-30 09:54 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner (1).exe 2014-03-30 09:54 - 2014-03-30 09:54 - 01038974 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe 2014-03-29 22:52 - 2014-03-29 22:52 - 00014012 _____ () C:\Users\Max\Documents\cc_20140329_215214.reg 2014-03-29 22:52 - 2014-03-29 22:52 - 00004566 _____ () C:\Users\Max\Documents\cc_20140329_215230.reg 2014-03-29 22:03 - 2014-03-29 22:03 - 00000000 ____D () C:\ProgramData\PDFC 2014-03-29 17:44 - 2014-03-29 17:44 - 00000308 _____ () C:\Users\Max\Documents\cc_20140329_164429.reg 2014-03-29 17:39 - 2014-03-29 17:39 - 00015762 _____ () C:\Users\Max\Documents\cc_20140329_163904.reg 2014-03-29 12:44 - 2014-03-29 12:44 - 00026228 _____ () C:\ComboFix.txt 2014-03-29 12:22 - 2014-03-29 12:45 - 00000000 ____D () C:\Qoobox 2014-03-29 12:22 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-03-29 12:22 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-03-29 12:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-03-29 12:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-03-29 12:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-03-29 12:22 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-03-29 12:22 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-03-29 12:22 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-03-29 12:21 - 2014-03-29 12:41 - 00000000 ____D () C:\Windows\erdnt 2014-03-29 12:20 - 2014-03-29 12:20 - 05192353 ____R (Swearware) C:\Users\Max\Downloads\ComboFix.exe 2014-03-29 04:00 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-03-29 04:00 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-03-29 01:16 - 2014-03-29 01:59 - 00911316 _____ () C:\Users\Max\Desktop\T59-16 HUGE amount of Luck.wotreplay 2014-03-29 01:04 - 2014-03-29 01:04 - 14851176 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.6_setup.exe 2014-03-29 00:40 - 2014-03-29 00:40 - 00000771 _____ () C:\Users\Public\Desktop\World of Tanks.lnk 2014-03-29 00:28 - 2014-03-29 00:28 - 00000000 ____D () C:\Users\Max\Desktop\WoT_0.8.11_eu_install 2014-03-29 00:24 - 2014-03-29 00:21 - 2419305860 _____ () C:\Users\Max\Desktop\WoT_0.8.11_eu_install.zip 2014-03-28 21:23 - 2014-03-28 21:20 - 72500829 _____ () C:\Users\Max\Desktop\HRMOD20Gun20Sounds20v1.8621.rar 2014-03-28 21:22 - 2014-03-29 00:21 - 2419305860 _____ () C:\Users\Max\Downloads\WoT_0.8.11_eu_install.zip 2014-03-28 21:18 - 2014-03-28 21:20 - 72500829 _____ () C:\Users\Max\Downloads\HRMOD20Gun20Sounds20v1.8621.rar 2014-03-28 14:59 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-28 14:59 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-28 14:59 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-28 14:59 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-28 14:59 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-28 14:59 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-28 14:59 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-28 14:59 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-28 14:59 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-28 14:59 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-28 14:59 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-28 14:59 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-28 14:59 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-28 14:59 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-28 14:59 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-28 14:59 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-28 14:59 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-28 14:59 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-28 14:59 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-28 14:59 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-28 14:59 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-28 14:59 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-28 14:59 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-28 14:59 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-28 14:59 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-28 14:59 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-28 14:59 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-28 14:59 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-28 14:59 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-28 14:59 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-28 14:59 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-28 14:59 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-28 14:59 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-28 14:59 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-28 14:59 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-28 14:59 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-28 14:59 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-28 14:59 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-28 14:59 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-28 14:59 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-28 13:57 - 2014-03-30 10:46 - 00025655 _____ () C:\Users\Max\Downloads\FRST.txt 2014-03-28 13:57 - 2014-03-30 10:46 - 00000000 ____D () C:\FRST 2014-03-28 13:57 - 2014-03-28 13:58 - 00058243 _____ () C:\Users\Max\Downloads\Addition.txt 2014-03-28 13:55 - 2014-03-28 13:55 - 02157056 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe 2014-03-28 12:24 - 2014-03-28 13:56 - 00000000 ____D () C:\Users\Max\Desktop\Ebay-Kleinanzeigen 2014-03-28 01:08 - 2014-03-30 10:03 - 00000000 ____D () C:\AdwCleaner 2014-03-28 01:08 - 2014-03-28 01:08 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner.exe 2014-03-28 01:02 - 2014-03-28 01:02 - 00001423 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-28 00:55 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2014-03-28 00:53 - 2014-03-28 00:55 - 00001270 _____ () C:\Windows\system32\Commander David wollte ein 1vs1 und war als Techniker in ner Flotten Dreadnought Galaxy gegen meinen BoP immer kurz vor'm krepieren - lol - am Ende hatte ich nen Disconnect - schade - Commander David h..lnk 2014-03-28 00:52 - 2014-03-28 00:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-03-28 00:52 - 2014-03-28 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-03-28 00:52 - 2014-03-28 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-03-28 00:52 - 2014-03-28 00:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-03-28 00:52 - 2014-03-28 00:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-03-28 00:52 - 2014-03-28 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-03-28 00:52 - 2014-03-28 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-03-28 00:48 - 2014-03-28 00:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\Internet Explorer 11 64 Bit - CHIP-Downloader.exe 2014-03-28 00:34 - 2014-03-28 00:34 - 00001224 _____ () C:\Users\Max\Documents\cc_20140327_233406.reg 2014-03-28 00:29 - 2014-03-28 00:29 - 00017648 _____ () C:\Users\Max\Documents\cc_20140327_232909.reg 2014-03-28 00:28 - 2014-03-28 00:28 - 00037148 _____ () C:\Users\Max\Documents\cc_20140327_232850.reg 2014-03-28 00:14 - 2014-03-28 00:30 - 00000000 ____D () C:\ProgramData\SecTaskMan 2014-03-28 00:14 - 2014-03-28 00:14 - 02365840 _____ () C:\Users\Max\Downloads\SecurityTaskManager_Setup.exe 2014-03-28 00:14 - 2014-03-28 00:14 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager 2014-03-27 20:00 - 2014-03-30 10:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Malwarebytes 2014-03-27 20:00 - 2014-03-30 10:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-27 20:00 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-27 19:56 - 2014-03-27 19:56 - 03098210 _____ () C:\Users\Max\Downloads\tweaking.com_windows_repair_aio.zip 2014-03-26 14:46 - 2014-03-26 14:47 - 27998329 _____ () C:\Users\Max\Downloads\WoT_7.5_Sounds.zip 2014-03-25 22:09 - 2014-03-25 22:09 - 03667522 _____ () C:\Users\Max\Documents\AutoRuns.arn 2014-03-25 22:04 - 2014-03-25 22:04 - 00550371 _____ () C:\Users\Max\Downloads\Autoruns.zip 2014-03-21 17:55 - 2014-03-21 17:57 - 68950680 _____ (SiSoftware ) C:\Users\Max\Downloads\san2021.exe 2014-03-18 16:23 - 2014-03-18 16:23 - 00249613 _____ () C:\Users\Max\Downloads\nvidiaInspector.zip 2014-03-14 18:07 - 2014-03-14 18:07 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Awesomium 2014-03-14 11:12 - 2014-03-14 11:12 - 00000000 ____D () C:\Users\Max\Documents\Elder Scrolls Online 2014-03-14 11:12 - 2014-03-14 11:12 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online 2014-03-13 15:07 - 2014-03-13 15:07 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype 2014-03-12 16:08 - 2014-03-14 11:54 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online 2014-03-12 16:07 - 2014-03-12 16:08 - 55903624 _____ ( ) C:\Users\Max\Downloads\Install_ESO_Beta.exe 2014-03-12 15:22 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 15:22 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 15:22 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 15:22 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 15:22 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-12 15:22 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 15:22 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 15:22 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-11 20:58 - 2014-03-11 20:58 - 00821760 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\NVIDIA SSAA.exe 2014-03-11 20:55 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-03-11 20:51 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-03-11 20:51 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-03-11 20:51 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-03-10 21:47 - 2014-03-10 21:47 - 14325662 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.4_setup.exe 2014-03-10 17:36 - 2014-03-10 17:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\GPU Z - CHIP-Downloader.exe 2014-03-08 15:49 - 2014-03-23 19:16 - 00000000 ____D () C:\Users\Max\AppData\Roaming\IrfanView 2014-03-08 15:48 - 2014-03-08 15:48 - 02179728 _____ (Irfan Skiljan) C:\Users\Max\Downloads\iview437g_setup.exe 2014-03-08 15:14 - 2014-03-08 15:15 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-03-08 15:14 - 2014-03-08 15:14 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-03-08 15:13 - 2014-03-08 15:13 - 22990573 _____ () C:\Users\Max\Downloads\MSIAfterburnerSetup231.zip 2014-03-08 15:12 - 2014-03-08 15:12 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\MSI Afterburner - CHIP-Downloader.exe 2014-03-08 13:58 - 2014-03-08 13:58 - 00000000 ____D () C:\Program Files (x86)\directx 2014-03-08 13:53 - 2014-03-08 13:53 - 00000000 ____D () C:\Program Files (x86)\TDK 2014-03-06 16:33 - 2014-03-06 16:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\steamvr 2014-03-03 19:20 - 2014-03-03 19:20 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF 2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uCertify 2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\Program Files (x86)\uCertify 2014-03-03 19:12 - 2014-03-03 19:12 - 00930952 _____ (CNET Download.com) C:\Users\Max\Downloads\cbsidlm-cbsi183-uCertify__9A0044_ADOBE_ACE_Photoshop_CS2-ORG-10715851.exe 2014-03-03 19:10 - 2014-03-03 19:10 - 00000000 ____D () C:\PS_CS2_Gr_NonRet 2014-03-03 17:50 - 2014-03-03 17:59 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Max\Downloads\PS_CS2_Gr_NonRet.exe ==================== One Month Modified Files and Folders ======= 2014-03-30 10:47 - 2014-03-28 13:57 - 00025655 _____ () C:\Users\Max\Downloads\FRST.txt 2014-03-30 10:46 - 2014-03-28 13:57 - 00000000 ____D () C:\FRST 2014-03-30 10:45 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-03-30 10:44 - 2014-03-30 10:44 - 00004715 _____ () C:\Users\Max\Desktop\JRT.txt 2014-03-30 10:38 - 2012-02-18 19:34 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-30 10:35 - 2012-01-03 22:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype 2014-03-30 10:34 - 2014-03-30 10:34 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\garx.sys 2014-03-30 10:34 - 2012-11-10 17:11 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000UA.job 2014-03-30 10:34 - 2012-06-30 00:11 - 00000000 ____D () C:\Windows\TopGun On Air 2014-03-30 10:34 - 2012-01-18 13:25 - 00000000 ____D () C:\Users\Max\AppData\Roaming\DVDVideoSoft 2014-03-30 10:34 - 2012-01-18 13:24 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-03-30 10:25 - 2013-05-10 23:47 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-03-30 10:14 - 2014-03-30 10:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-30 10:13 - 2014-03-30 10:13 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-30 10:13 - 2014-03-30 10:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-03-30 10:13 - 2014-03-27 20:00 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Malwarebytes 2014-03-30 10:13 - 2014-03-27 20:00 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-30 10:13 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-30 10:13 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-30 10:12 - 2014-03-30 10:12 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.0.1000.exe 2014-03-30 10:12 - 2014-03-30 10:12 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Max\Desktop\mbam-setup-2.0.0.1000.exe 2014-03-30 10:11 - 2011-09-15 12:26 - 00766040 _____ () C:\Windows\system32\perfh007.dat 2014-03-30 10:11 - 2011-09-15 12:26 - 00175012 _____ () C:\Windows\system32\perfc007.dat 2014-03-30 10:11 - 2009-07-14 07:13 - 01808890 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-30 10:09 - 2014-02-12 21:04 - 01294472 _____ () C:\Windows\WindowsUpdate.log 2014-03-30 10:08 - 2012-07-02 16:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-30 10:06 - 2014-03-30 10:03 - 05140176 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-30 10:05 - 2014-03-30 10:05 - 00135552 _____ () C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-30 10:05 - 2014-03-30 10:04 - 00000168 _____ () C:\Windows\setupact.log 2014-03-30 10:05 - 2012-02-18 19:34 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-30 10:04 - 2014-03-30 10:04 - 00000000 _____ () C:\Windows\setuperr.log 2014-03-30 10:04 - 2011-09-15 12:39 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-30 10:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-30 10:03 - 2014-03-28 01:08 - 00000000 ____D () C:\AdwCleaner 2014-03-30 09:54 - 2014-03-30 09:56 - 01038974 _____ (Thisisu) C:\Users\Max\Desktop\JRT.exe 2014-03-30 09:54 - 2014-03-30 09:55 - 01950720 _____ () C:\Users\Max\Desktop\adwcleaner (1).exe 2014-03-30 09:54 - 2014-03-30 09:54 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner (1).exe 2014-03-30 09:54 - 2014-03-30 09:54 - 01038974 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe 2014-03-30 02:43 - 2012-01-15 10:16 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-30 01:50 - 2011-09-15 12:59 - 00000000 ____D () C:\ProgramData\truesuite 2014-03-30 00:49 - 2012-05-13 18:20 - 00000000 ____D () C:\Program Files (x86)\Sky-Fighter 2014-03-29 22:52 - 2014-03-29 22:52 - 00014012 _____ () C:\Users\Max\Documents\cc_20140329_215214.reg 2014-03-29 22:52 - 2014-03-29 22:52 - 00004566 _____ () C:\Users\Max\Documents\cc_20140329_215230.reg 2014-03-29 22:14 - 2012-01-29 02:06 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client 2014-03-29 22:10 - 2012-02-09 18:49 - 00000000 ____D () C:\Program Files (x86)\Simple Port Forwarding 2014-03-29 22:03 - 2014-03-29 22:03 - 00000000 ____D () C:\ProgramData\PDFC 2014-03-29 21:59 - 2013-03-15 16:35 - 00000000 ____D () C:\Symbols 2014-03-29 21:56 - 2012-03-03 13:01 - 00007588 _____ () C:\Users\Max\AppData\Local\Resmon.ResmonCfg 2014-03-29 21:56 - 2011-09-15 12:54 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-03-29 21:46 - 2012-01-03 20:13 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{51EE8C70-F409-4E79-B6F6-266A5F381A99} 2014-03-29 17:44 - 2014-03-29 17:44 - 00000308 _____ () C:\Users\Max\Documents\cc_20140329_164429.reg 2014-03-29 17:39 - 2014-03-29 17:39 - 00015762 _____ () C:\Users\Max\Documents\cc_20140329_163904.reg 2014-03-29 17:34 - 2012-11-10 17:11 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000Core.job 2014-03-29 17:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-03-29 16:46 - 2013-10-26 00:58 - 00000000 ____D () C:\Users\Max\AppData\Local\Apps\2.0 2014-03-29 12:45 - 2014-03-29 12:22 - 00000000 ____D () C:\Qoobox 2014-03-29 12:44 - 2014-03-29 12:44 - 00026228 _____ () C:\ComboFix.txt 2014-03-29 12:44 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-03-29 12:41 - 2014-03-29 12:21 - 00000000 ____D () C:\Windows\erdnt 2014-03-29 12:34 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-03-29 12:20 - 2014-03-29 12:20 - 05192353 ____R (Swearware) C:\Users\Max\Downloads\ComboFix.exe 2014-03-29 01:59 - 2014-03-29 01:16 - 00911316 _____ () C:\Users\Max\Desktop\T59-16 HUGE amount of Luck.wotreplay 2014-03-29 01:04 - 2014-03-29 01:04 - 14851176 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.6_setup.exe 2014-03-29 00:40 - 2014-03-29 00:40 - 00000771 _____ () C:\Users\Public\Desktop\World of Tanks.lnk 2014-03-29 00:40 - 2012-01-15 18:13 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-03-29 00:31 - 2012-01-23 20:41 - 00000000 ____D () C:\Games 2014-03-29 00:28 - 2014-03-29 00:28 - 00000000 ____D () C:\Users\Max\Desktop\WoT_0.8.11_eu_install 2014-03-29 00:21 - 2014-03-29 00:24 - 2419305860 _____ () C:\Users\Max\Desktop\WoT_0.8.11_eu_install.zip 2014-03-29 00:21 - 2014-03-28 21:22 - 2419305860 _____ () C:\Users\Max\Downloads\WoT_0.8.11_eu_install.zip 2014-03-28 21:25 - 2013-09-15 22:04 - 00000000 ____D () C:\Program Files (x86)\World_of_Tanks 2014-03-28 21:20 - 2014-03-28 21:23 - 72500829 _____ () C:\Users\Max\Desktop\HRMOD20Gun20Sounds20v1.8621.rar 2014-03-28 21:20 - 2014-03-28 21:18 - 72500829 _____ () C:\Users\Max\Downloads\HRMOD20Gun20Sounds20v1.8621.rar 2014-03-28 21:17 - 2012-01-29 02:06 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-03-28 13:58 - 2014-03-28 13:57 - 00058243 _____ () C:\Users\Max\Downloads\Addition.txt 2014-03-28 13:56 - 2014-03-28 12:24 - 00000000 ____D () C:\Users\Max\Desktop\Ebay-Kleinanzeigen 2014-03-28 13:55 - 2014-03-28 13:55 - 02157056 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe 2014-03-28 11:15 - 2012-03-02 18:53 - 00000000 ___RD () C:\Users\Max\Desktop\Games 2014-03-28 04:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-03-28 04:41 - 2012-04-01 19:14 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-03-28 01:19 - 2011-02-11 19:00 - 00000000 ____D () C:\Windows\Panther 2014-03-28 01:08 - 2014-03-28 01:08 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner.exe 2014-03-28 01:02 - 2014-03-28 01:02 - 00001423 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-28 00:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-03-28 00:55 - 2014-03-28 00:53 - 00001270 _____ () C:\Windows\system32\Commander David wollte ein 1vs1 und war als Techniker in ner Flotten Dreadnought Galaxy gegen meinen BoP immer kurz vor'm krepieren - lol - am Ende hatte ich nen Disconnect - schade - Commander David h..lnk 2014-03-28 00:52 - 2014-03-28 00:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-03-28 00:52 - 2014-03-28 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-03-28 00:52 - 2014-03-28 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-03-28 00:52 - 2014-03-28 00:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-03-28 00:52 - 2014-03-28 00:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-03-28 00:52 - 2014-03-28 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-03-28 00:52 - 2014-03-28 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-03-28 00:52 - 2014-03-28 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-03-28 00:52 - 2014-03-28 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-03-28 00:48 - 2014-03-28 00:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\Internet Explorer 11 64 Bit - CHIP-Downloader.exe 2014-03-28 00:34 - 2014-03-28 00:34 - 00001224 _____ () C:\Users\Max\Documents\cc_20140327_233406.reg 2014-03-28 00:30 - 2014-03-28 00:14 - 00000000 ____D () C:\ProgramData\SecTaskMan 2014-03-28 00:30 - 2013-11-23 17:11 - 00000000 ____D () C:\Program Files (x86)\Combat-Rivals 2014-03-28 00:29 - 2014-03-28 00:29 - 00017648 _____ () C:\Users\Max\Documents\cc_20140327_232909.reg 2014-03-28 00:28 - 2014-03-28 00:28 - 00037148 _____ () C:\Users\Max\Documents\cc_20140327_232850.reg 2014-03-28 00:14 - 2014-03-28 00:14 - 02365840 _____ () C:\Users\Max\Downloads\SecurityTaskManager_Setup.exe 2014-03-28 00:14 - 2014-03-28 00:14 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager 2014-03-27 21:52 - 2012-01-18 13:28 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMax 2014-03-27 21:52 - 2012-01-18 13:28 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForMax.job 2014-03-27 19:56 - 2014-03-27 19:56 - 03098210 _____ () C:\Users\Max\Downloads\tweaking.com_windows_repair_aio.zip 2014-03-26 15:37 - 2012-01-18 13:28 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-03-26 15:37 - 2012-01-11 21:35 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-03-26 14:47 - 2014-03-26 14:46 - 27998329 _____ () C:\Users\Max\Downloads\WoT_7.5_Sounds.zip 2014-03-26 12:57 - 2012-01-03 21:52 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps 2014-03-25 22:09 - 2014-03-25 22:09 - 03667522 _____ () C:\Users\Max\Documents\AutoRuns.arn 2014-03-25 22:08 - 2012-06-24 07:46 - 00000000 ___RD () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-25 22:04 - 2014-03-25 22:04 - 00550371 _____ () C:\Users\Max\Downloads\Autoruns.zip 2014-03-25 17:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-03-24 08:46 - 2013-11-15 14:41 - 00000142 _____ () C:\Users\Max\Downloads\movie1080p.mkv.zip 2014-03-23 19:18 - 2014-02-13 18:43 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft 2014-03-23 19:16 - 2014-03-08 15:49 - 00000000 ____D () C:\Users\Max\AppData\Roaming\IrfanView 2014-03-21 17:57 - 2014-03-21 17:55 - 68950680 _____ (SiSoftware ) C:\Users\Max\Downloads\san2021.exe 2014-03-19 19:05 - 2012-01-15 10:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-03-18 16:23 - 2014-03-18 16:23 - 00249613 _____ () C:\Users\Max\Downloads\nvidiaInspector.zip 2014-03-18 04:02 - 2013-08-16 03:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-18 04:00 - 2012-02-19 09:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-14 18:07 - 2014-03-14 18:07 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Awesomium 2014-03-14 11:54 - 2014-03-12 16:08 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online 2014-03-14 11:12 - 2014-03-14 11:12 - 00000000 ____D () C:\Users\Max\Documents\Elder Scrolls Online 2014-03-14 11:12 - 2014-03-14 11:12 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online 2014-03-14 08:27 - 2012-01-12 14:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-14 08:27 - 2012-01-03 22:58 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-13 15:07 - 2014-03-13 15:07 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype 2014-03-13 15:07 - 2012-01-03 22:58 - 00000000 ____D () C:\ProgramData\Skype 2014-03-13 04:01 - 2012-01-24 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-12 21:08 - 2012-07-02 16:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 21:08 - 2012-07-02 16:10 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 21:08 - 2011-09-15 12:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-12 16:08 - 2014-03-12 16:07 - 55903624 _____ ( ) C:\Users\Max\Downloads\Install_ESO_Beta.exe 2014-03-11 20:58 - 2014-03-11 20:58 - 00821760 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\NVIDIA SSAA.exe 2014-03-11 20:55 - 2011-09-15 12:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-10 21:47 - 2014-03-10 21:47 - 14325662 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.4_setup.exe 2014-03-10 17:36 - 2014-03-10 17:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\GPU Z - CHIP-Downloader.exe 2014-03-08 15:48 - 2014-03-08 15:48 - 02179728 _____ (Irfan Skiljan) C:\Users\Max\Downloads\iview437g_setup.exe 2014-03-08 15:47 - 2012-01-21 19:09 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live 2014-03-08 15:15 - 2014-03-08 15:14 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-03-08 15:14 - 2014-03-08 15:14 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-03-08 15:13 - 2014-03-08 15:13 - 22990573 _____ () C:\Users\Max\Downloads\MSIAfterburnerSetup231.zip 2014-03-08 15:12 - 2014-03-08 15:12 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\MSI Afterburner - CHIP-Downloader.exe 2014-03-08 13:58 - 2014-03-08 13:58 - 00000000 ____D () C:\Program Files (x86)\directx 2014-03-08 13:58 - 2011-09-15 12:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-08 13:53 - 2014-03-08 13:53 - 00000000 ____D () C:\Program Files (x86)\TDK 2014-03-07 15:42 - 2012-01-03 20:08 - 00000000 ____D () C:\Users\Max 2014-03-07 09:58 - 2013-06-15 17:16 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2 2014-03-06 17:32 - 2013-07-30 23:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Warframe 2014-03-06 16:33 - 2014-03-06 16:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\steamvr 2014-03-05 09:26 - 2014-03-30 10:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-03-30 10:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-03-27 20:00 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-04 16:35 - 2014-03-11 20:51 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-03-04 16:35 - 2014-03-11 20:51 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-03-04 16:35 - 2014-03-11 20:51 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-03-04 16:35 - 2013-12-15 17:51 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-03-04 16:35 - 2013-07-18 21:28 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-03-04 16:35 - 2013-07-18 20:12 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-03-04 16:35 - 2013-07-18 20:12 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-03-04 16:35 - 2013-07-15 13:47 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-03-04 16:35 - 2013-07-15 13:47 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-03-04 16:35 - 2011-09-15 12:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-03-04 16:35 - 2011-09-15 12:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb 2014-03-04 15:06 - 2011-03-30 10:45 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-03-04 15:06 - 2011-03-30 10:44 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-03-04 15:05 - 2013-07-15 13:48 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin 2014-03-04 15:05 - 2011-03-30 10:45 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-03-04 15:05 - 2011-03-30 10:45 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-03-04 15:05 - 2011-03-30 10:45 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-03-04 15:05 - 2011-03-30 10:45 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-03-04 13:32 - 2014-03-11 20:55 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-03-03 23:33 - 2012-06-20 10:37 - 00000000 ____D () C:\Users\Max\AppData\Local\Adobe 2014-03-03 23:33 - 2012-01-04 10:29 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe 2014-03-03 19:20 - 2014-03-03 19:20 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF 2014-03-03 19:19 - 2012-06-20 10:36 - 00000000 ____D () C:\ProgramData\Adobe 2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uCertify 2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\Program Files (x86)\uCertify 2014-03-03 19:12 - 2014-03-03 19:12 - 00930952 _____ (CNET Download.com) C:\Users\Max\Downloads\cbsidlm-cbsi183-uCertify__9A0044_ADOBE_ACE_Photoshop_CS2-ORG-10715851.exe 2014-03-03 19:10 - 2014-03-03 19:10 - 00000000 ____D () C:\PS_CS2_Gr_NonRet 2014-03-03 17:59 - 2014-03-03 17:50 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Max\Downloads\PS_CS2_Gr_NonRet.exe 2014-03-01 08:05 - 2014-03-28 14:59 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-01 07:17 - 2014-03-28 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-01 07:16 - 2014-03-28 14:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-01 06:58 - 2014-03-28 14:59 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-01 06:52 - 2014-03-28 14:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-01 06:51 - 2014-03-28 14:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-01 06:42 - 2014-03-28 14:59 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-01 06:40 - 2014-03-28 14:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-01 06:37 - 2014-03-28 14:59 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-01 06:33 - 2014-03-28 14:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-01 06:33 - 2014-03-28 14:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-01 06:32 - 2014-03-28 14:59 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-01 06:30 - 2014-03-28 14:59 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-01 06:23 - 2014-03-28 14:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-01 06:17 - 2014-03-28 14:59 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-01 06:11 - 2014-03-28 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-01 06:02 - 2014-03-28 14:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-01 05:54 - 2014-03-28 14:59 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-01 05:52 - 2014-03-28 14:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-01 05:51 - 2014-03-28 14:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-01 05:47 - 2014-03-28 14:59 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-01 05:43 - 2014-03-28 14:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-01 05:43 - 2014-03-28 14:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-01 05:42 - 2014-03-28 14:59 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-01 05:40 - 2014-03-28 14:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-01 05:38 - 2014-03-28 14:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-01 05:37 - 2014-03-28 14:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-01 05:35 - 2014-03-28 14:59 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-01 05:18 - 2014-03-28 14:59 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-01 05:16 - 2014-03-28 14:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-01 05:14 - 2014-03-28 14:59 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-01 05:10 - 2014-03-28 14:59 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-01 05:03 - 2014-03-28 14:59 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-01 05:00 - 2014-03-28 14:59 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-01 04:57 - 2014-03-28 14:59 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-01 04:38 - 2014-03-28 14:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-01 04:32 - 2014-03-28 14:59 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-01 04:27 - 2014-03-28 14:59 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-01 04:25 - 2014-03-28 14:59 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-01 04:25 - 2014-03-28 14:59 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll Files to move or delete: ==================== C:\ProgramData\hsdk5313dv.dat Some content of TEMP: ==================== C:\Users\Max\AppData\Local\Temp\NGM.exe C:\Users\Max\AppData\Local\Temp\NGMDll.dll C:\Users\Max\AppData\Local\Temp\NGMResource.dll C:\Users\Max\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-30 04:37 ==================== End Of Log ============================ Schonmal Danke im Vorraus. |
|
31.03.2014, 09:34
| #9 |
| /// the machine /// TB-Ausbilder | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer FreezeESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.04.2014, 06:20
| #10 |
| | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze So, habe ESET über Nacht laufen lassen und dabei ist folgendes bei rumgekommen: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=544c322f554c334b96c974951de9939f
# engine=17694
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-31 03:34:23
# local_time=2014-03-31 05:34:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1286 16777213 100 98 65008 51049985 0 0
# compatibility_mode=5893 16776573 100 94 64900 147909913 0 0
# scanned=155142
# found=1
# cleaned=0
# scan_time=4113
sh=C8507C2CEB219F40272207E35B3E56337D63A061 ft=1 fh=e4fccb6651bedaa1 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Driver Pro\DPSmartScan.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=544c322f554c334b96c974951de9939f
# engine=17697
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-01 01:40:31
# local_time=2014-04-01 03:40:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1286 16777213 100 98 20807 51086353 0 0
# compatibility_mode=5893 16776573 100 94 20645 147946281 0 0
# scanned=635019
# found=6
# cleaned=0
# scan_time=14371
sh=C8507C2CEB219F40272207E35B3E56337D63A061 ft=1 fh=e4fccb6651bedaa1 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Driver Pro\DPSmartScan.exe.vir"
sh=8D9B78752BD3ADC185A61797BB29B623E697F348 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.AT trojan" ac=I fn="C:\Users\Max\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\56aed0-6a63b362"
sh=B4DDF6AB7C23618576ABFB17943113B3830ABA2F ft=0 fh=0000000000000000 vn="Java/Exploit.Blacole.AN trojan" ac=I fn="C:\Users\Max\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1bbf9b5f-612e40b6"
sh=4AF73A52AD119E74C873B4E140E15D96877EF0F3 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.NBC trojan" ac=I fn="C:\Users\Max\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\754497e2-5d06318a"
sh=E041CF6486953435D93A180B4E2FFA466880ECAC ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.E trojan" ac=I fn="C:\Users\Max\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\15d56d7e-50842d95"
sh=C8E07DF19DE987F9C1B8C6FF08F9EE2258B6DAF2 ft=0 fh=0000000000000000 vn="a variant of MSIL/FakeTool.EV trojan" ac=I fn="C:\Users\Max\Downloads\OnlineGameCheats.Net - NSFW Cash Maker v1.1.7z"
Das Ergebnis vom SecurityCheck: Code:
ATTFilter Results of screen317's Security Check version 0.99.80
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 31
Java 7 Update 25
Java version out of Date!
Adobe Flash Player 12.0.0.77
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox 15.0.1 Firefox out of Date!
Google Chrome 33.0.1750.146
Google Chrome 33.0.1750.154
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 2013 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Max (administrator) on SUPERNOVA on 01-04-2014 07:19:14
Running from C:\Users\Max\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
() C:\Program Files (x86)\puush\puush.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2014-02-27] ()
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-03-31] (Electronic Arts)
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-252815299-2609012233-3364361215-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {71B15D21-1CAB-4589-9EED-99B186FEF4FF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {42D7884D-418B-496B-8C5E-FE39C4AF6E01} URL = hxxp://de.search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=827316&ilc=12&p={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File
Toolbar: HKLM-x32 - No Name - !{26647ca4-a2a7-4eac-8a72-761aa9141de7} - No File
Toolbar: HKLM-x32 - No Name - !{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{707db484-2428-402d-afb5-d85b387544c7} - No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKLM-x32 - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - No File
Toolbar: HKCU - No Name - {474DCBF4-0DB1-4C6A-A014-1C2544E82698} - No File
Toolbar: HKCU - No Name - {707DB484-2428-402D-AFB5-D85B387544C7} - No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-15] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.2.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.2.1 - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-25]
FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kjfzlluk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-18]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-05-08]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-05-08]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2012-09-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-05-10]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (ProxTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2012-08-25]
CHR Extension: (Max - Tom) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\afojndljdhnnonodcgbpkadmmmenpalp [2014-01-31]
CHR Extension: (Angry Birds) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-10-19]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-10]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-10]
CHR Extension: (Umineko No Naku Koro Ni) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenhmdbdlikfoghldekhnfgkmdffojdk [2013-09-23]
CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-10]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-26]
CHR Extension: (AdBlock) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-24]
CHR Extension: (Dragon - Max) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkhngagbpeeckkcchocjacbginlafhne [2013-08-08]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-03-26]
CHR Extension: (Konochan) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoomppjijcipepcjaeeboagogoajocjh [2013-09-23]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-26]
CHR Extension: (Website Logon) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe [2014-03-26]
CHR Extension: (Skype Click to Call) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-16]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-03-26]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mein Chrome-Design) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-07-14]
CHR Extension: (Max - Rammstein (1)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogleioplphbkikodongmejkafhakhbeh [2014-02-12]
CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-10]
CHR Extension: (Anti-Banner) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-03-26]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Max\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-30]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-03-03] (Adobe Systems)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 hasplms; C:\Windows\system32\hasplms.exe [4889032 2011-12-30] (SafeNet Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [61916000 2011-04-24] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-26] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-08-25] (SANDBOXIE L.T.D)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [428384 2011-04-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-05-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-11] (Kaspersky Lab ZAO)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-09-15] ()
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [70400 2004-04-08] (Protection Technology)
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-08-25] (SANDBOXIE L.T.D)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 RtlProt; \??\C:\Windows\System32\Drivers\RtlProt.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-01 07:03 - 2014-04-01 07:03 - 00987442 _____ () C:\Users\Max\Downloads\SecurityCheck.exe
2014-03-31 23:05 - 2014-03-31 23:05 - 00001040 _____ () C:\Users\Max\Documents\cc_20140331_230514.reg
2014-03-31 19:15 - 2014-03-31 19:14 - 01040504 _____ () C:\Users\Max\Desktop\ise record 83.log
2014-03-31 19:14 - 2014-03-31 19:14 - 01040504 _____ () C:\Users\Max\Downloads\ise record 83.log
2014-03-31 17:48 - 2014-03-31 17:49 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-31 17:37 - 2014-03-31 17:48 - 00000000 ____D () C:\Users\Max\AppData\Local\Origin
2014-03-31 17:34 - 2014-03-31 21:53 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-31 17:34 - 2014-03-31 17:34 - 00000981 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-31 17:33 - 2014-03-31 17:34 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Max\Downloads\OriginThinSetup.exe
2014-03-31 16:23 - 2014-03-31 16:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-31 16:23 - 2014-03-31 15:37 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2014-03-31 15:37 - 2014-03-31 15:37 - 02347384 _____ (ESET) C:\Users\Max\Downloads\esetsmartinstaller_enu.exe
2014-03-30 10:44 - 2014-03-30 10:44 - 00004715 _____ () C:\Users\Max\Desktop\JRT.txt
2014-03-30 10:13 - 2014-03-31 21:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 10:13 - 2014-03-30 10:13 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-30 10:13 - 2014-03-30 10:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-03-30 10:13 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-30 10:13 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-30 10:12 - 2014-03-30 10:12 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-30 10:12 - 2014-03-30 10:12 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Max\Desktop\mbam-setup-2.0.0.1000.exe
2014-03-30 09:56 - 2014-03-30 09:54 - 01038974 _____ (Thisisu) C:\Users\Max\Desktop\JRT.exe
2014-03-30 09:55 - 2014-03-30 09:54 - 01950720 _____ () C:\Users\Max\Desktop\adwcleaner (1).exe
2014-03-30 09:54 - 2014-03-30 09:54 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner (1).exe
2014-03-30 09:54 - 2014-03-30 09:54 - 01038974 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-03-29 22:52 - 2014-03-29 22:52 - 00014012 _____ () C:\Users\Max\Documents\cc_20140329_215214.reg
2014-03-29 22:52 - 2014-03-29 22:52 - 00004566 _____ () C:\Users\Max\Documents\cc_20140329_215230.reg
2014-03-29 22:03 - 2014-03-29 22:03 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-29 17:44 - 2014-03-29 17:44 - 00000308 _____ () C:\Users\Max\Documents\cc_20140329_164429.reg
2014-03-29 17:39 - 2014-03-29 17:39 - 00015762 _____ () C:\Users\Max\Documents\cc_20140329_163904.reg
2014-03-29 12:44 - 2014-03-29 12:44 - 00026228 _____ () C:\ComboFix.txt
2014-03-29 12:22 - 2014-03-29 12:45 - 00000000 ____D () C:\Qoobox
2014-03-29 12:22 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-29 12:22 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-29 12:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-29 12:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-29 12:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-29 12:22 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-29 12:22 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-29 12:22 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-29 12:21 - 2014-03-29 12:41 - 00000000 ____D () C:\Windows\erdnt
2014-03-29 12:20 - 2014-03-29 12:20 - 05192353 ____R (Swearware) C:\Users\Max\Downloads\ComboFix.exe
2014-03-29 04:00 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-29 04:00 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-29 01:16 - 2014-03-29 01:59 - 00911316 _____ () C:\Users\Max\Desktop\T59-16 HUGE amount of Luck.wotreplay
2014-03-29 01:04 - 2014-03-29 01:04 - 14851176 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.6_setup.exe
2014-03-29 00:40 - 2014-03-29 00:40 - 00000771 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-03-29 00:28 - 2014-03-29 00:28 - 00000000 ____D () C:\Users\Max\Desktop\WoT_0.8.11_eu_install
2014-03-29 00:24 - 2014-03-29 00:21 - 2419305860 _____ () C:\Users\Max\Desktop\WoT_0.8.11_eu_install.zip
2014-03-28 21:23 - 2014-03-28 21:20 - 72500829 _____ () C:\Users\Max\Desktop\HRMOD20Gun20Sounds20v1.8621.rar
2014-03-28 21:22 - 2014-03-29 00:21 - 2419305860 _____ () C:\Users\Max\Downloads\WoT_0.8.11_eu_install.zip
2014-03-28 21:18 - 2014-03-28 21:20 - 72500829 _____ () C:\Users\Max\Downloads\HRMOD20Gun20Sounds20v1.8621.rar
2014-03-28 14:59 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-28 14:59 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-28 14:59 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-28 14:59 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-28 14:59 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-28 14:59 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-28 14:59 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-28 14:59 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-28 14:59 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-28 14:59 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-28 14:59 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-28 14:59 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-28 14:59 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-28 14:59 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-28 14:59 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-28 14:59 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-28 14:59 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-28 14:59 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-28 14:59 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-28 14:59 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-28 14:59 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-28 14:59 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-28 14:59 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-28 14:59 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-28 14:59 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-28 14:59 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-28 14:59 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-28 14:59 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-28 14:59 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-28 14:59 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-28 14:59 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-28 14:59 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-28 14:59 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-28 14:59 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-28 14:59 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-28 14:59 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-28 14:59 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-28 14:59 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-28 14:59 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-28 14:59 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-28 13:57 - 2014-04-01 07:19 - 00025270 _____ () C:\Users\Max\Downloads\FRST.txt
2014-03-28 13:57 - 2014-04-01 07:19 - 00000000 ____D () C:\FRST
2014-03-28 13:57 - 2014-03-28 13:58 - 00058243 _____ () C:\Users\Max\Downloads\Addition.txt
2014-03-28 13:55 - 2014-03-28 13:55 - 02157056 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-03-28 12:24 - 2014-03-28 13:56 - 00000000 ____D () C:\Users\Max\Desktop\Ebay-Kleinanzeigen
2014-03-28 01:08 - 2014-03-30 10:03 - 00000000 ____D () C:\AdwCleaner
2014-03-28 01:08 - 2014-03-28 01:08 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner.exe
2014-03-28 01:02 - 2014-03-28 01:02 - 00001423 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-28 00:55 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-03-28 00:53 - 2014-03-28 00:55 - 00001270 _____ () C:\Windows\system32\Commander David wollte ein 1vs1 und war als Techniker in ner Flotten Dreadnought Galaxy gegen meinen BoP immer kurz vor'm krepieren - lol - am Ende hatte ich nen Disconnect - schade - Commander David h..lnk
2014-03-28 00:52 - 2014-03-28 00:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-28 00:52 - 2014-03-28 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-28 00:52 - 2014-03-28 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-28 00:52 - 2014-03-28 00:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-28 00:52 - 2014-03-28 00:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-28 00:52 - 2014-03-28 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-28 00:52 - 2014-03-28 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-28 00:48 - 2014-03-28 00:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\Internet Explorer 11 64 Bit - CHIP-Downloader.exe
2014-03-28 00:34 - 2014-03-28 00:34 - 00001224 _____ () C:\Users\Max\Documents\cc_20140327_233406.reg
2014-03-28 00:29 - 2014-03-28 00:29 - 00017648 _____ () C:\Users\Max\Documents\cc_20140327_232909.reg
2014-03-28 00:28 - 2014-03-28 00:28 - 00037148 _____ () C:\Users\Max\Documents\cc_20140327_232850.reg
2014-03-28 00:14 - 2014-03-28 00:30 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-03-28 00:14 - 2014-03-28 00:14 - 02365840 _____ () C:\Users\Max\Downloads\SecurityTaskManager_Setup.exe
2014-03-28 00:14 - 2014-03-28 00:14 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-03-27 20:00 - 2014-03-30 10:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Malwarebytes
2014-03-27 20:00 - 2014-03-30 10:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 20:00 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-27 19:56 - 2014-03-27 19:56 - 03098210 _____ () C:\Users\Max\Downloads\tweaking.com_windows_repair_aio.zip
2014-03-26 14:46 - 2014-03-26 14:47 - 27998329 _____ () C:\Users\Max\Downloads\WoT_7.5_Sounds.zip
2014-03-25 22:09 - 2014-03-25 22:09 - 03667522 _____ () C:\Users\Max\Documents\AutoRuns.arn
2014-03-25 22:04 - 2014-03-25 22:04 - 00550371 _____ () C:\Users\Max\Downloads\Autoruns.zip
2014-03-21 17:55 - 2014-03-21 17:57 - 68950680 _____ (SiSoftware ) C:\Users\Max\Downloads\san2021.exe
2014-03-18 16:23 - 2014-03-18 16:23 - 00249613 _____ () C:\Users\Max\Downloads\nvidiaInspector.zip
2014-03-14 18:07 - 2014-03-14 18:07 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Awesomium
2014-03-14 11:12 - 2014-03-14 11:12 - 00000000 ____D () C:\Users\Max\Documents\Elder Scrolls Online
2014-03-14 11:12 - 2014-03-14 11:12 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-03-13 15:07 - 2014-03-13 15:07 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype
2014-03-12 16:08 - 2014-03-14 11:54 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-03-12 16:07 - 2014-03-12 16:08 - 55903624 _____ ( ) C:\Users\Max\Downloads\Install_ESO_Beta.exe
2014-03-12 15:22 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 15:22 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 15:22 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 15:22 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 15:22 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 15:22 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 15:22 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 15:22 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-11 20:58 - 2014-03-11 20:58 - 00821760 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\NVIDIA SSAA.exe
2014-03-11 20:55 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 20:51 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 20:51 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-11 20:51 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-10 21:47 - 2014-03-10 21:47 - 14325662 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.4_setup.exe
2014-03-10 17:36 - 2014-03-10 17:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\GPU Z - CHIP-Downloader.exe
2014-03-08 15:49 - 2014-03-23 19:16 - 00000000 ____D () C:\Users\Max\AppData\Roaming\IrfanView
2014-03-08 15:48 - 2014-03-08 15:48 - 02179728 _____ (Irfan Skiljan) C:\Users\Max\Downloads\iview437g_setup.exe
2014-03-08 15:14 - 2014-03-08 15:15 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-03-08 15:14 - 2014-03-08 15:14 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-03-08 15:13 - 2014-03-08 15:13 - 22990573 _____ () C:\Users\Max\Downloads\MSIAfterburnerSetup231.zip
2014-03-08 15:12 - 2014-03-08 15:12 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\MSI Afterburner - CHIP-Downloader.exe
2014-03-08 13:58 - 2014-03-08 13:58 - 00000000 ____D () C:\Program Files (x86)\directx
2014-03-08 13:53 - 2014-03-08 13:53 - 00000000 ____D () C:\Program Files (x86)\TDK
2014-03-06 16:33 - 2014-03-06 16:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\steamvr
2014-03-03 19:20 - 2014-03-03 19:20 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uCertify
2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\Program Files (x86)\uCertify
2014-03-03 19:12 - 2014-03-03 19:12 - 00930952 _____ (CNET Download.com) C:\Users\Max\Downloads\cbsidlm-cbsi183-uCertify__9A0044_ADOBE_ACE_Photoshop_CS2-ORG-10715851.exe
2014-03-03 19:10 - 2014-03-03 19:10 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2014-03-03 17:50 - 2014-03-03 17:59 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Max\Downloads\PS_CS2_Gr_NonRet.exe
==================== One Month Modified Files and Folders =======
2014-04-01 07:19 - 2014-03-28 13:57 - 00025270 _____ () C:\Users\Max\Downloads\FRST.txt
2014-04-01 07:19 - 2014-03-28 13:57 - 00000000 ____D () C:\FRST
2014-04-01 07:13 - 2012-01-03 22:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-04-01 07:08 - 2012-07-02 16:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-01 07:03 - 2014-04-01 07:03 - 00987442 _____ () C:\Users\Max\Downloads\SecurityCheck.exe
2014-04-01 07:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-01 07:01 - 2011-09-15 12:59 - 00000000 ____D () C:\ProgramData\truesuite
2014-04-01 06:59 - 2013-05-10 23:47 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-01 06:45 - 2012-02-18 19:34 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-01 04:34 - 2014-02-12 21:04 - 01341019 _____ () C:\Windows\WindowsUpdate.log
2014-04-01 04:34 - 2012-11-10 17:11 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000UA.job
2014-03-31 23:09 - 2012-01-03 20:13 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{51EE8C70-F409-4E79-B6F6-266A5F381A99}
2014-03-31 23:05 - 2014-03-31 23:05 - 00001040 _____ () C:\Users\Max\Documents\cc_20140331_230514.reg
2014-03-31 23:04 - 2012-01-29 02:06 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-03-31 23:04 - 2012-01-15 10:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-31 22:23 - 2012-03-03 13:01 - 00007589 _____ () C:\Users\Max\AppData\Local\Resmon.ResmonCfg
2014-03-31 22:01 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-31 22:01 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-31 22:00 - 2011-09-15 12:26 - 00766040 _____ () C:\Windows\system32\perfh007.dat
2014-03-31 22:00 - 2011-09-15 12:26 - 00175012 _____ () C:\Windows\system32\perfc007.dat
2014-03-31 22:00 - 2009-07-14 07:13 - 01808890 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 21:57 - 2014-03-30 10:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-31 21:57 - 2012-09-01 15:07 - 00000000 ____D () C:\ProgramData\Origin
2014-03-31 21:54 - 2012-02-18 19:34 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 21:53 - 2014-03-31 17:34 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-31 21:53 - 2011-09-15 12:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-31 21:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-31 20:52 - 2012-01-18 13:28 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMax
2014-03-31 20:52 - 2012-01-18 13:28 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForMax.job
2014-03-31 19:14 - 2014-03-31 19:15 - 01040504 _____ () C:\Users\Max\Desktop\ise record 83.log
2014-03-31 19:14 - 2014-03-31 19:14 - 01040504 _____ () C:\Users\Max\Downloads\ise record 83.log
2014-03-31 17:49 - 2014-03-31 17:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-31 17:48 - 2014-03-31 17:37 - 00000000 ____D () C:\Users\Max\AppData\Local\Origin
2014-03-31 17:48 - 2012-09-01 15:10 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Origin
2014-03-31 17:34 - 2014-03-31 17:34 - 00000981 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-31 17:34 - 2014-03-31 17:33 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Max\Downloads\OriginThinSetup.exe
2014-03-31 16:34 - 2012-11-10 17:11 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-252815299-2609012233-3364361215-1000Core.job
2014-03-31 16:23 - 2014-03-31 16:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-31 15:37 - 2014-03-31 16:23 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2014-03-31 15:37 - 2014-03-31 15:37 - 02347384 _____ (ESET) C:\Users\Max\Downloads\esetsmartinstaller_enu.exe
2014-03-30 23:31 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-30 23:30 - 2012-06-30 00:11 - 00000000 ____D () C:\Windows\TopGun On Air
2014-03-30 15:40 - 2012-02-18 19:34 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 15:40 - 2012-02-18 19:34 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-30 10:44 - 2014-03-30 10:44 - 00004715 _____ () C:\Users\Max\Desktop\JRT.txt
2014-03-30 10:34 - 2012-01-18 13:25 - 00000000 ____D () C:\Users\Max\AppData\Roaming\DVDVideoSoft
2014-03-30 10:34 - 2012-01-18 13:24 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-03-30 10:13 - 2014-03-30 10:13 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-30 10:13 - 2014-03-30 10:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-03-30 10:13 - 2014-03-27 20:00 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Malwarebytes
2014-03-30 10:13 - 2014-03-27 20:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 10:12 - 2014-03-30 10:12 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-30 10:12 - 2014-03-30 10:12 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Max\Desktop\mbam-setup-2.0.0.1000.exe
2014-03-30 10:03 - 2014-03-28 01:08 - 00000000 ____D () C:\AdwCleaner
2014-03-30 09:54 - 2014-03-30 09:56 - 01038974 _____ (Thisisu) C:\Users\Max\Desktop\JRT.exe
2014-03-30 09:54 - 2014-03-30 09:55 - 01950720 _____ () C:\Users\Max\Desktop\adwcleaner (1).exe
2014-03-30 09:54 - 2014-03-30 09:54 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner (1).exe
2014-03-30 09:54 - 2014-03-30 09:54 - 01038974 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-03-30 00:49 - 2012-05-13 18:20 - 00000000 ____D () C:\Program Files (x86)\Sky-Fighter
2014-03-29 22:52 - 2014-03-29 22:52 - 00014012 _____ () C:\Users\Max\Documents\cc_20140329_215214.reg
2014-03-29 22:52 - 2014-03-29 22:52 - 00004566 _____ () C:\Users\Max\Documents\cc_20140329_215230.reg
2014-03-29 22:10 - 2012-02-09 18:49 - 00000000 ____D () C:\Program Files (x86)\Simple Port Forwarding
2014-03-29 22:03 - 2014-03-29 22:03 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-29 21:59 - 2013-03-15 16:35 - 00000000 ____D () C:\Symbols
2014-03-29 21:56 - 2011-09-15 12:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-29 17:44 - 2014-03-29 17:44 - 00000308 _____ () C:\Users\Max\Documents\cc_20140329_164429.reg
2014-03-29 17:39 - 2014-03-29 17:39 - 00015762 _____ () C:\Users\Max\Documents\cc_20140329_163904.reg
2014-03-29 16:46 - 2013-10-26 00:58 - 00000000 ____D () C:\Users\Max\AppData\Local\Apps\2.0
2014-03-29 12:45 - 2014-03-29 12:22 - 00000000 ____D () C:\Qoobox
2014-03-29 12:44 - 2014-03-29 12:44 - 00026228 _____ () C:\ComboFix.txt
2014-03-29 12:44 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-03-29 12:41 - 2014-03-29 12:21 - 00000000 ____D () C:\Windows\erdnt
2014-03-29 12:34 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-29 12:20 - 2014-03-29 12:20 - 05192353 ____R (Swearware) C:\Users\Max\Downloads\ComboFix.exe
2014-03-29 01:59 - 2014-03-29 01:16 - 00911316 _____ () C:\Users\Max\Desktop\T59-16 HUGE amount of Luck.wotreplay
2014-03-29 01:04 - 2014-03-29 01:04 - 14851176 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.6_setup.exe
2014-03-29 00:40 - 2014-03-29 00:40 - 00000771 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-03-29 00:40 - 2012-01-15 18:13 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-03-29 00:31 - 2012-01-23 20:41 - 00000000 ____D () C:\Games
2014-03-29 00:28 - 2014-03-29 00:28 - 00000000 ____D () C:\Users\Max\Desktop\WoT_0.8.11_eu_install
2014-03-29 00:21 - 2014-03-29 00:24 - 2419305860 _____ () C:\Users\Max\Desktop\WoT_0.8.11_eu_install.zip
2014-03-29 00:21 - 2014-03-28 21:22 - 2419305860 _____ () C:\Users\Max\Downloads\WoT_0.8.11_eu_install.zip
2014-03-28 21:25 - 2013-09-15 22:04 - 00000000 ____D () C:\Program Files (x86)\World_of_Tanks
2014-03-28 21:20 - 2014-03-28 21:23 - 72500829 _____ () C:\Users\Max\Desktop\HRMOD20Gun20Sounds20v1.8621.rar
2014-03-28 21:20 - 2014-03-28 21:18 - 72500829 _____ () C:\Users\Max\Downloads\HRMOD20Gun20Sounds20v1.8621.rar
2014-03-28 21:17 - 2012-01-29 02:06 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-28 13:58 - 2014-03-28 13:57 - 00058243 _____ () C:\Users\Max\Downloads\Addition.txt
2014-03-28 13:56 - 2014-03-28 12:24 - 00000000 ____D () C:\Users\Max\Desktop\Ebay-Kleinanzeigen
2014-03-28 13:55 - 2014-03-28 13:55 - 02157056 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-03-28 11:15 - 2012-03-02 18:53 - 00000000 ___RD () C:\Users\Max\Desktop\Games
2014-03-28 04:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-03-28 04:41 - 2012-04-01 19:14 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-03-28 01:19 - 2011-02-11 19:00 - 00000000 ____D () C:\Windows\Panther
2014-03-28 01:08 - 2014-03-28 01:08 - 01950720 _____ () C:\Users\Max\Downloads\adwcleaner.exe
2014-03-28 01:02 - 2014-03-28 01:02 - 00001423 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-28 00:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-28 00:55 - 2014-03-28 00:53 - 00001270 _____ () C:\Windows\system32\Commander David wollte ein 1vs1 und war als Techniker in ner Flotten Dreadnought Galaxy gegen meinen BoP immer kurz vor'm krepieren - lol - am Ende hatte ich nen Disconnect - schade - Commander David h..lnk
2014-03-28 00:52 - 2014-03-28 00:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-28 00:52 - 2014-03-28 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-28 00:52 - 2014-03-28 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-28 00:52 - 2014-03-28 00:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-28 00:52 - 2014-03-28 00:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-28 00:52 - 2014-03-28 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-28 00:52 - 2014-03-28 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-28 00:52 - 2014-03-28 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-28 00:52 - 2014-03-28 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-28 00:48 - 2014-03-28 00:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\Internet Explorer 11 64 Bit - CHIP-Downloader.exe
2014-03-28 00:34 - 2014-03-28 00:34 - 00001224 _____ () C:\Users\Max\Documents\cc_20140327_233406.reg
2014-03-28 00:30 - 2014-03-28 00:14 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-03-28 00:30 - 2013-11-23 17:11 - 00000000 ____D () C:\Program Files (x86)\Combat-Rivals
2014-03-28 00:29 - 2014-03-28 00:29 - 00017648 _____ () C:\Users\Max\Documents\cc_20140327_232909.reg
2014-03-28 00:28 - 2014-03-28 00:28 - 00037148 _____ () C:\Users\Max\Documents\cc_20140327_232850.reg
2014-03-28 00:14 - 2014-03-28 00:14 - 02365840 _____ () C:\Users\Max\Downloads\SecurityTaskManager_Setup.exe
2014-03-28 00:14 - 2014-03-28 00:14 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-03-27 19:56 - 2014-03-27 19:56 - 03098210 _____ () C:\Users\Max\Downloads\tweaking.com_windows_repair_aio.zip
2014-03-26 15:37 - 2012-01-18 13:28 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-26 15:37 - 2012-01-11 21:35 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-26 14:47 - 2014-03-26 14:46 - 27998329 _____ () C:\Users\Max\Downloads\WoT_7.5_Sounds.zip
2014-03-26 12:57 - 2012-01-03 21:52 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-03-25 22:09 - 2014-03-25 22:09 - 03667522 _____ () C:\Users\Max\Documents\AutoRuns.arn
2014-03-25 22:08 - 2012-06-24 07:46 - 00000000 ___RD () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-25 22:04 - 2014-03-25 22:04 - 00550371 _____ () C:\Users\Max\Downloads\Autoruns.zip
2014-03-25 17:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-24 08:46 - 2013-11-15 14:41 - 00000142 _____ () C:\Users\Max\Downloads\movie1080p.mkv.zip
2014-03-23 19:18 - 2014-02-13 18:43 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-03-23 19:16 - 2014-03-08 15:49 - 00000000 ____D () C:\Users\Max\AppData\Roaming\IrfanView
2014-03-21 17:57 - 2014-03-21 17:55 - 68950680 _____ (SiSoftware ) C:\Users\Max\Downloads\san2021.exe
2014-03-19 19:05 - 2012-01-15 10:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-03-18 16:23 - 2014-03-18 16:23 - 00249613 _____ () C:\Users\Max\Downloads\nvidiaInspector.zip
2014-03-18 04:02 - 2013-08-16 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 04:00 - 2012-02-19 09:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-14 18:07 - 2014-03-14 18:07 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Awesomium
2014-03-14 11:54 - 2014-03-12 16:08 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-03-14 11:12 - 2014-03-14 11:12 - 00000000 ____D () C:\Users\Max\Documents\Elder Scrolls Online
2014-03-14 11:12 - 2014-03-14 11:12 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-03-14 08:27 - 2012-01-12 14:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-14 08:27 - 2012-01-03 22:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-13 15:07 - 2014-03-13 15:07 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype
2014-03-13 15:07 - 2012-01-03 22:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-13 04:01 - 2012-01-24 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 21:08 - 2012-07-02 16:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 21:08 - 2012-07-02 16:10 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 21:08 - 2011-09-15 12:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 16:08 - 2014-03-12 16:07 - 55903624 _____ ( ) C:\Users\Max\Downloads\Install_ESO_Beta.exe
2014-03-11 20:58 - 2014-03-11 20:58 - 00821760 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\NVIDIA SSAA.exe
2014-03-11 20:55 - 2011-09-15 12:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-10 21:47 - 2014-03-10 21:47 - 14325662 _____ (diclovit ) C:\Users\Max\Downloads\dmp_1.10.4_setup.exe
2014-03-10 17:36 - 2014-03-10 17:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\GPU Z - CHIP-Downloader.exe
2014-03-08 15:48 - 2014-03-08 15:48 - 02179728 _____ (Irfan Skiljan) C:\Users\Max\Downloads\iview437g_setup.exe
2014-03-08 15:47 - 2012-01-21 19:09 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-03-08 15:15 - 2014-03-08 15:14 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-03-08 15:14 - 2014-03-08 15:14 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-03-08 15:13 - 2014-03-08 15:13 - 22990573 _____ () C:\Users\Max\Downloads\MSIAfterburnerSetup231.zip
2014-03-08 15:12 - 2014-03-08 15:12 - 00613200 _____ (Chip Digital GmbH) C:\Users\Max\Downloads\MSI Afterburner - CHIP-Downloader.exe
2014-03-08 13:58 - 2014-03-08 13:58 - 00000000 ____D () C:\Program Files (x86)\directx
2014-03-08 13:58 - 2011-09-15 12:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-08 13:53 - 2014-03-08 13:53 - 00000000 ____D () C:\Program Files (x86)\TDK
2014-03-07 15:42 - 2012-01-03 20:08 - 00000000 ____D () C:\Users\Max
2014-03-07 09:58 - 2013-06-15 17:16 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2014-03-06 17:32 - 2013-07-30 23:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Warframe
2014-03-06 16:33 - 2014-03-06 16:33 - 00000000 ____D () C:\Users\Max\AppData\Roaming\steamvr
2014-03-05 09:26 - 2014-03-30 10:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-30 10:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-27 20:00 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 16:35 - 2014-03-11 20:51 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 16:35 - 2014-03-11 20:51 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 16:35 - 2014-03-11 20:51 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 16:35 - 2013-12-15 17:51 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 16:35 - 2013-07-18 21:28 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 16:35 - 2013-07-18 20:12 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 16:35 - 2013-07-18 20:12 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 16:35 - 2013-07-15 13:47 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 16:35 - 2013-07-15 13:47 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 16:35 - 2011-09-15 12:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 16:35 - 2011-09-15 12:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 15:06 - 2011-03-30 10:45 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 15:06 - 2011-03-30 10:44 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 15:05 - 2013-07-15 13:48 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 15:05 - 2011-03-30 10:45 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 15:05 - 2011-03-30 10:45 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 15:05 - 2011-03-30 10:45 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 15:05 - 2011-03-30 10:45 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 13:32 - 2014-03-11 20:55 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-03 23:33 - 2012-06-20 10:37 - 00000000 ____D () C:\Users\Max\AppData\Local\Adobe
2014-03-03 23:33 - 2012-01-04 10:29 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-03-03 19:20 - 2014-03-03 19:20 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-03 19:19 - 2012-06-20 10:36 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uCertify
2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\Program Files (x86)\uCertify
2014-03-03 19:12 - 2014-03-03 19:12 - 00930952 _____ (CNET Download.com) C:\Users\Max\Downloads\cbsidlm-cbsi183-uCertify__9A0044_ADOBE_ACE_Photoshop_CS2-ORG-10715851.exe
2014-03-03 19:10 - 2014-03-03 19:10 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2014-03-03 17:59 - 2014-03-03 17:50 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Max\Downloads\PS_CS2_Gr_NonRet.exe
Files to move or delete:
====================
C:\ProgramData\hsdk5313dv.dat
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-30 04:37
==================== End Of Log ============================
Ob sich etwas verändert hat, werde ich nach der Schule merken. |
|
01.04.2014, 13:27
| #11 |
| /// the machine /// TB-Ausbilder | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Java, Adobe und Firefox updaten. Den Cheater-Scheiss aus dem Download-Ordner löschen. Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop. Schließe nun alle offenen Programme und trenne Dich von dem Internet. Doppelklick auf die TFC.exe und drücke auf Start. Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\ProgramData\hsdk5313dv.dat
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Dann teste mal.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.04.2014, 20:57
| #12 |
| | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Hab alles gemacht. Aber wärend ich das gerade schreibe, hatte ich einen Freeze. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Max at 2014-04-01 17:41:37 Run:1
Running from C:\Users\Max\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\ProgramData\hsdk5313dv.dat
*****************
C:\ProgramData\hsdk5313dv.dat => Moved successfully.
==== End of Fixlog ====
Trotzdem Danke  Edit (1): Ich habe jetzt 4 Stunden lang getestet und muss leider berichten dass es jetzt gut doppelt so schlimm ist. Freez' kommen öfter vor, und dann auch nicht einer, sondern sehr oft gleich 2 hintereinander. Edit (2): Also, ich beschreibe zur Sicherheit nochmal mein Problem: Das ganze ist vor gut einer Woche das erste mal aufgetreten. Es waren (sind) kleine Freez'es die - wenn überhaupt - keine halbe Sekunde dauern. In der Zeit spinnt der Sound (Hängt) und die Maus reagiert nicht. Es kommt hauptsächlich bei dem Wechseln der Windows-Fenster vor. (Bsp: Ich gehe vom Desktop auf ein Spiel o.ä. welches aktuell läuft, und 5-10sek nach dem Wechsel kommt der Freez). Zwischenzeitlich war es 2 Tage ohne dieses Problem. Jetzt ist es wieder da, und sogar schlimmer. Jetzt sind es 2 Freez'es hintereinander und sie kommen auch öfter vor. Ich befürchte das es die Festplatte ist, da sie sehr oft auf 100% (Dank dem Prozess "System") kommt. Was ich nur hoffen kann, das es kein Hardware Problem ist. Sofern sich damit jemand auskennt, hier der Link zu den aktuellen Werten (22:00, 1.4.14): hxxp://puu.sh/7Sp7c.png (Mit CrystalDisk die S.M.A.R.T.-Werte ausgelesen). So, das ist nur als Update bzw. als weitere Beschreibung gedacht. Hoffe weiter auf Hilfe Geändert von Bardiel (01.04.2014 um 16:42 Uhr) |
|
02.04.2014, 13:48
| #13 |
| /// the machine /// TB-Ausbilder | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Ich denke es ist hardware. ProcessExplorer als Ersatz für den Windows Taskmanager installieren Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden. Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt. Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen). Mit dem geöffneten Process Explorer mal schauen was die CPU macht zum zeitpunkt des Freezes.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.04.2014, 23:07
| #14 |
| | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze Hallo, habe nochmal eine Art "Update": Ich habe, als es immer krasser wurde nochmal mit allem versucht. Sprich: -> MBAM 2x laufen lassen (Nichts gefunden). -> Dann 2x Defragmentierung (Nichts großartiges). -> Registry-Fehler beheben lassen. (Schon wieder erstaunlich viele). Seitdem funktioniert wieder alles halbwegs normal. Habe aber vor, mir eine neue Festplatte zu holen, und Windows frisch drauf zu spielen, und dann alles, was halbwegs wichtig ist, bzw so groß, das es ein Download einfach blöd wäre, rüber ziehen. Da ich denke, das die Festplatte ihren Dienst mit 15.000 Stunden erfüllt hat, dürfte das wohl auch die effektivste sein. Vorallem wenn man so überlegt was sich in 2 Jahren dauer-Gamings wohl angesammelt und fest gesetzt hat. Trotzdem Danke, der Threat kann -denke ich mal- geschlossen werden |
|
14.04.2014, 15:25
| #15 |
| /// the machine /// TB-Ausbilder | Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze alles klar
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7 | Tab/Fensterwechsel, nach 10sek kurzer Freeze |
| .dll, ebanking, festplatte, google, homepage, java/exploit.agent.at, java/exploit.agent.nbc, java/exploit.blacole.an, java/exploit.cve-2012-1723.e, malware, msil/faketool.ev, photoshop, pup.optional.dvdvideosoft.a, pup.optional.iminent.a, pup.optional.installbrain.a, scan, software, spyhunter, spyhunter entfernen, super, temp, win32/adware.speedingupmypc.c, winlogon.exe |
WARNUNG an die MITLESER: 
Linear-Darstellung
