Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7: Analyse, ob rechner sauber ist (https://www.trojaner-board.de/163176-windows-7-analyse-ob-rechner-sauber.html)

Teknartor 25.01.2015 05:13
Windows 7: Analyse, ob rechner sauber ist
 
Hallo,

ich wollte meinen Laptop mal überprüfen lassen ob er Viren Frei ist.
Er Harkt des öfteren mal.
Habe ADWCleaner laufen gelassen und einiges gefunden und entfernt aber leider den Bericht nicht.

Wollt nun überprüfen ob noch was da ist.


Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 04:46 on 25/01/2015 (Iceflex)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Iceflex (administrator) on ICEFLEX-LAPTOP on 25-01-2015 04:49:45
Running from C:\Users\Iceflex\Desktop
Loaded Profiles: Iceflex (Available profiles: Iceflex)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd) C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [Razer Naga Driver] => C:\Program Files\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKU\S-1-5-21-3896894060-1369374164-1376132773-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-01-27] (Microsoft Corporation)
Startup: C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3896894060-1369374164-1376132773-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3896894060-1369374164-1376132773-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Iceflex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-16]
CHR Extension: (Google Drive) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-02]
CHR Extension: (YouTube) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-06]
CHR Extension: (Google-Suche) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-06]
CHR Extension: (Google Wallet) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-06]
CHR Extension: (Google Mail) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2015-01-20] (Electronic Arts)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [283448 2014-09-19] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 Verifies and fixes application compatibility issues; C:\Users\Iceflex\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-06-10] (Disc Soft Ltd)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [88992 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [166816 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110624 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [125216 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [40192 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [96160 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [61984 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [121888 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [288032 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [208800 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [109856 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [244000 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [96928 2014-06-04] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [40024 2014-02-18] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [139536 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105232 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168208 2014-10-02] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113936 2014-10-02] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124688 2014-10-02] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100112 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [48736 2014-03-25] (Panda Security, S.L.)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1334856 2013-05-02] (Realtek Semiconductor Corporation                          )
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [103424 2011-11-15] (Razer USA Ltd)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 04:49 - 2015-01-25 04:50 - 00012406 _____ () C:\Users\Iceflex\Desktop\FRST.txt
2015-01-25 04:49 - 2015-01-25 04:49 - 01120768 _____ (Farbar) C:\Users\Iceflex\Downloads\FRST.exe
2015-01-25 04:49 - 2015-01-25 04:49 - 01120768 _____ (Farbar) C:\Users\Iceflex\Desktop\FRST.exe
2015-01-25 04:49 - 2015-01-25 04:49 - 00000000 ____D () C:\FRST
2015-01-25 04:46 - 2015-01-25 04:47 - 00000546 _____ () C:\Users\Iceflex\Desktop\defogger_disable.log
2015-01-25 04:46 - 2015-01-25 04:46 - 00000154 _____ () C:\Users\Iceflex\defogger_reenable
2015-01-25 04:45 - 2015-01-25 04:45 - 00380416 _____ () C:\Users\Iceflex\Desktop\Gmer-19357.exe
2015-01-25 04:45 - 2015-01-25 04:45 - 00050477 _____ () C:\Users\Iceflex\Desktop\Defogger.exe
2015-01-25 04:41 - 2015-01-24 22:26 - 00000000 ____D () C:\Users\Iceflex\Desktop\StranXDeXv0.01-3DM
2015-01-25 04:32 - 2015-01-25 04:34 - 176594039 _____ () C:\Users\Iceflex\Downloads\StranXDeXv0.01-3DM.rar
2015-01-24 23:57 - 2015-01-25 01:37 - 00000000 ____D () C:\AdwCleaner
2015-01-24 23:45 - 2015-01-24 23:45 - 02194432 _____ () C:\Users\Iceflex\Downloads\adwcleaner_4.109.exe
2015-01-23 00:35 - 2015-01-23 00:35 - 00000000 ____D () C:\Users\Iceflex\Documents\My Games
2015-01-23 00:35 - 2015-01-23 00:35 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-23 00:35 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-23 00:35 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-23 00:35 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-23 00:34 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-23 00:34 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-23 00:34 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-23 00:34 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-23 00:34 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-23 00:34 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-23 00:34 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-23 00:34 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-23 00:34 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-23 00:34 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-23 00:34 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-23 00:34 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-23 00:34 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-23 00:34 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-23 00:34 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-23 00:34 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-23 00:34 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-23 00:34 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-23 00:34 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-23 00:34 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-23 00:34 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-23 00:34 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-23 00:34 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-23 00:34 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-01-23 00:34 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-01-23 00:34 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-01-23 00:34 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-23 00:34 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-23 00:34 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-23 00:34 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-01-23 00:34 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-23 00:34 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-23 00:34 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-23 00:34 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-23 00:34 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-23 00:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-23 00:34 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-23 00:34 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-23 00:34 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-23 00:34 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-23 00:34 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-23 00:34 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-23 00:34 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-23 00:34 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-23 00:34 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-23 00:34 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-20 22:02 - 2015-01-20 22:02 - 00000000 ____D () C:\Users\Iceflex\Documents\Electronic Arts
2015-01-20 22:00 - 2015-01-20 22:00 - 00001300 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2015-01-20 22:00 - 2015-01-20 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2015-01-20 00:22 - 2015-01-20 00:50 - 00000382 ____H () C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job
2015-01-20 00:18 - 2015-01-25 01:37 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2015-01-20 00:18 - 2015-01-20 00:18 - 00000000 ____D () C:\ProgramData\Panda Security URL Filtering
2015-01-20 00:17 - 2015-01-20 00:17 - 00000000 ____D () C:\Program Files\pandasecuritytb
2015-01-20 00:17 - 2014-03-25 14:15 - 00048736 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-01-20 00:16 - 2015-01-20 00:16 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Panda Security
2015-01-20 00:15 - 2015-01-20 00:18 - 00000000 ____D () C:\Program Files\Panda Security
2015-01-20 00:15 - 2015-01-20 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-01-19 22:49 - 2015-01-19 22:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RzSynapse_01007.Wdf
2015-01-19 22:46 - 2015-01-19 22:49 - 00008128 _____ () C:\Windows\DPINST.LOG
2015-01-19 22:45 - 2015-01-19 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-01-19 22:43 - 2015-01-20 00:18 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-19 16:40 - 2015-01-24 23:33 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prime Games
2015-01-19 16:40 - 2015-01-19 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prime Games
2015-01-19 15:37 - 2015-01-19 15:37 - 00000000 ____D () C:\Windows\system32\directx
2015-01-19 03:42 - 2015-01-19 03:42 - 00016464 _____ () C:\Users\Iceflex\Desktop\clickerHeroSave.txt
2015-01-15 20:10 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-15 03:14 - 2015-01-15 03:15 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-01-15 03:14 - 2015-01-15 03:15 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-01-15 02:53 - 2015-01-24 03:16 - 00000112 _____ () C:\ProgramData\ShmOH2h.dat
2015-01-15 02:44 - 2015-01-15 02:44 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-14 23:38 - 2015-01-14 23:38 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\Program Files\Java
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-14 20:25 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 20:23 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-14 20:23 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-14 20:23 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-14 20:23 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-14 20:23 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-14 20:20 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 20:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 20:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 20:20 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 20:20 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 20:06 - 2015-01-14 20:06 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-08 14:33 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-08 14:33 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-08 14:33 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-08 14:33 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-08 14:33 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-08 14:33 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-08 14:33 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-08 14:33 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-08 14:33 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-08 14:33 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-08 14:33 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-08 14:33 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-08 14:33 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-08 14:33 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-08 14:33 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-08 14:33 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-08 14:33 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-08 14:33 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-08 14:33 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-08 14:33 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-08 14:33 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-08 14:33 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-08 14:33 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-08 14:33 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-08 14:33 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-08 14:33 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-08 14:33 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-08 14:33 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-08 14:33 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-08 14:33 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-08 14:33 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-08 14:33 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-08 14:29 - 2015-01-08 14:32 - 00000000 ____D () C:\Users\Iceflex\Documents\Heroes of the Storm
2015-01-08 14:19 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-08 14:06 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-08 14:06 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-08 14:05 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-08 14:04 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-08 14:04 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-08 14:04 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-08 14:04 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-08 13:58 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-08 13:58 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-08 13:48 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-08 13:46 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-08 13:46 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-08 13:46 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-08 13:46 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-08 13:46 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-08 13:46 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-08 13:46 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 04:48 - 2014-11-03 23:57 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-01-25 04:48 - 2009-07-14 05:34 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 04:48 - 2009-07-14 05:34 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 04:46 - 2014-01-06 00:22 - 00000000 ____D () C:\Users\Iceflex
2015-01-25 04:38 - 2014-01-06 01:27 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 04:38 - 2014-01-06 01:26 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 04:32 - 2014-01-06 00:22 - 01758815 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 04:30 - 2014-01-06 00:24 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 04:29 - 2009-07-14 05:39 - 00037245 _____ () C:\Windows\setupact.log
2015-01-25 01:38 - 2014-01-06 01:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-25 01:38 - 2014-01-06 01:26 - 00000000 ____D () C:\Users\Iceflex\AppData\Local\Deployment
2015-01-25 01:38 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 01:37 - 2014-01-06 01:30 - 00028242 _____ () C:\Windows\PFRO.log
2015-01-25 00:13 - 2014-01-06 01:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-25 00:13 - 2014-01-06 00:23 - 00001156 _____ () C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-23 00:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-22 14:13 - 2014-03-02 19:49 - 00000000 ____D () C:\Program Files\Origin
2015-01-21 19:19 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Origin
2015-01-20 22:01 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-01-20 22:00 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-20 18:05 - 2014-11-03 22:33 - 00000000 ____D () C:\Program Files\Origin Games
2015-01-20 18:03 - 2014-03-02 19:50 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Origin
2015-01-20 18:01 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-20 04:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-01-20 00:50 - 2009-07-14 05:33 - 00300160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-20 00:16 - 2014-01-06 01:26 - 00059336 _____ () C:\Users\Iceflex\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-20 00:09 - 2014-06-10 08:41 - 00000000 ____D () C:\temp
2015-01-19 22:45 - 2014-11-02 23:35 - 00000000 ____D () C:\Program Files\Razer
2015-01-19 16:38 - 2014-06-10 10:07 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\DAEMON Tools Lite
2015-01-19 16:38 - 2014-06-10 10:05 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-18 14:07 - 2014-03-20 12:57 - 00000000 ____D () C:\Users\Iceflex\AppData\Local\Battle.net
2015-01-18 02:07 - 2014-01-26 16:52 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2015-01-18 02:04 - 2014-03-20 12:58 - 00000000 ____D () C:\Program Files\Hearthstone
2015-01-16 06:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-01-16 03:08 - 2014-01-19 03:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 03:02 - 2014-01-19 03:06 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-15 02:44 - 2014-05-18 13:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-15 02:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-15 02:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-01-14 23:38 - 2014-07-17 21:47 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-08 14:30 - 2014-01-26 18:09 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-01-08 13:23 - 2014-03-20 12:56 - 00000000 ____D () C:\Program Files\Battle.net
2015-01-08 09:55 - 2014-01-18 21:33 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-01-15 02:53 - 2015-01-24 03:16 - 0000112 _____ () C:\ProgramData\ShmOH2h.dat

Files to move or delete:
====================
C:\ProgramData\ShmOH2h.dat
C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job


Some content of TEMP:
====================
C:\Users\Iceflex\AppData\Local\Temp\avgnt.exe
C:\Users\Iceflex\AppData\Local\Temp\JDSetup130468596235731640.exe
C:\Users\Iceflex\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Iceflex\AppData\Local\Temp\nsn887.tmp.exe
C:\Users\Iceflex\AppData\Local\Temp\p25cli.exe
C:\Users\Iceflex\AppData\Local\Temp\Quarantine.exe
C:\Users\Iceflex\AppData\Local\Temp\sqlite3.dll
C:\Users\Iceflex\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Iceflex\AppData\Local\Temp\~dl56D6.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 02:02

==================== End Of Log ============================


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Iceflex at 2015-01-25 04:50:40
Running from C:\Users\Iceflex\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Free Antivirus (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead Island: Epidemic (HKLM\...\Steam App 222900) (Version:  - Stunlock Studios)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.26.89 - Electronic Arts)
Die Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.3.32.1010 - Electronic Arts Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 15.00.04.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM\...\pandasecuritytb) (Version: 4.2.1.7 - Panda Security and Visicom Media Inc.)
Panda Security URL Filtering (HKLM\...\Panda Security URL Filtering) (Version: 2.0.2.0 - Panda Security)
Razer Naga (HKLM\...\{ED4108A9-60FD-4F18-AF42-122219977773}) (Version: 3.03.01 - Razer USA Ltd.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-3896894060-1369374164-1376132773-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
WinRAR 5.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3896894060-1369374164-1376132773-1000_Classes\CLSID\{164304c3-953b-4b0c-b12d-d1d0cef6b1e9}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3896894060-1369374164-1376132773-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Iceflex\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Restore Points  =========================

23-01-2015 00:32:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
23-01-2015 00:33:34 DirectX wurde installiert
24-01-2015 00:59:18 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {6533827E-42BC-4AAE-8E90-40CEB06C41CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-06] (Google Inc.)
Task: {7076A6C1-ECC3-49DF-A14C-33D1D8C9BD63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-06] (Google Inc.)
Task: {A28E4391-FE3B-40DB-8C27-D88107B970C3} - System32\Tasks\{1B874B03-E710-4B92-985E-433F533E4488} => C:\Program Files\Panda Security\Panda Security Protection\JobLauncher.exe [2014-10-13] (Panda Security, S.L.)
Task: {F142DAE2-2694-434A-A467-BC1EFCF2E649} - System32\Tasks\{BA8D3420-32BA-4AA4-9485-3F78442A5FF6} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0007 -removeonly

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job => C:\Program Files\Panda Security\Panda Security Protection\JobLauncher.exe

==================== Loaded Modules (whitelisted) =============

2013-04-29 22:24 - 2013-04-29 22:24 - 00065024 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll
2013-04-29 22:24 - 2013-04-29 22:24 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 22:08 - 2013-04-29 22:08 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-01-17 02:34 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-17 02:34 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-17 02:34 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-17 02:34 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2014-11-03 23:59 - 2014-12-01 22:31 - 02396672 _____ () D:\Steam\libavcodec-56.dll
2014-11-03 23:59 - 2014-12-01 22:31 - 00442880 _____ () D:\Steam\libavutil-54.dll
2014-11-03 23:59 - 2014-12-01 22:31 - 00479744 _____ () D:\Steam\libavformat-56.dll
2014-11-03 23:59 - 2014-12-01 22:31 - 00332800 _____ () D:\Steam\libavresample-2.dll
2014-11-03 23:59 - 2014-11-11 19:47 - 00774656 _____ () D:\Steam\SDL2.dll
2015-01-23 00:12 - 2014-12-02 01:29 - 05002752 _____ () D:\Steam\v8.dll
2015-01-23 00:12 - 2014-12-02 01:29 - 01612800 _____ () D:\Steam\icui18n.dll
2015-01-23 00:12 - 2014-12-02 01:29 - 01210368 _____ () D:\Steam\icuuc.dll
2014-11-03 23:59 - 2015-01-23 23:34 - 02227904 _____ () D:\Steam\video.dll
2014-11-03 23:59 - 2014-12-01 22:31 - 00485888 _____ () D:\Steam\libswscale-3.dll
2014-11-03 23:59 - 2015-01-23 23:33 - 00696512 _____ () D:\Steam\bin\chromehtml.DLL
2014-11-03 23:59 - 2015-01-16 00:42 - 34641288 _____ () D:\Steam\bin\libcef.dll
2014-11-03 23:59 - 2015-01-16 00:42 - 01709960 _____ () D:\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3896894060-1369374164-1376132773-500 - Administrator - Disabled)
Gast (S-1-5-21-3896894060-1369374164-1376132773-501 - Limited - Disabled)
Iceflex (S-1-5-21-3896894060-1369374164-1376132773-1000 - Administrator - Enabled) => C:\Users\Iceflex

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2015 02:03:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/25/2015 02:02:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/25/2015 00:06:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: compatibilitycheck.exe, Version: 0.0.0.0, Zeitstempel: 0x54b5ebf9
Name des fehlerhaften Moduls: compatibilitycheck.exe, Version: 0.0.0.0, Zeitstempel: 0x54b5ebf9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00095842
ID des fehlerhaften Prozesses: 0xb6c
Startzeit der fehlerhaften Anwendung: 0xcompatibilitycheck.exe0
Pfad der fehlerhaften Anwendung: compatibilitycheck.exe1
Pfad des fehlerhaften Moduls: compatibilitycheck.exe2
Berichtskennung: compatibilitycheck.exe3

Error: (01/24/2015 11:41:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x56726c6a
ID des fehlerhaften Prozesses: 0x133c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (01/24/2015 11:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x57f66c6a
ID des fehlerhaften Prozesses: 0x17f8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (01/23/2015 02:51:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/23/2015 02:50:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/22/2015 09:05:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/22/2015 09:04:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/20/2015 10:25:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (01/25/2015 04:48:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/25/2015 04:48:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (01/25/2015 01:38:32 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (01/25/2015 01:38:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/25/2015 00:25:22 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (01/25/2015 00:24:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/25/2015 00:22:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Panda Devices Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/25/2015 00:22:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Panda Devices Agent erreicht.

Error: (01/25/2015 00:21:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.

Error: (01/25/2015 00:20:54 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.


Microsoft Office Sessions:
=========================
Error: (01/25/2015 02:03:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe

Error: (01/25/2015 02:02:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Razer\Drivers\RzSynapse\DPInst_amd64.exe

Error: (01/25/2015 00:06:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: compatibilitycheck.exe0.0.0.054b5ebf9compatibilitycheck.exe0.0.0.054b5ebf9c000000500095842b6c01d03829d351c83bC:\Users\Iceflex\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exeC:\Users\Iceflex\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exea3bec7b5-a41d-11e4-824d-88ae1df57596

Error: (01/24/2015 11:41:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7unknown0.0.0.000000000c000000556726c6a133c01d03826d01cca37C:\Windows\explorer.exeunknown12e99267-a41a-11e4-824d-88ae1df57596

Error: (01/24/2015 11:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7unknown0.0.0.000000000c000000557f66c6a17f801d038259c7b40bdC:\Windows\explorer.exeunknowndc2c6fa7-a418-11e4-824d-88ae1df57596

Error: (01/23/2015 02:51:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe

Error: (01/23/2015 02:50:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Razer\Drivers\RzSynapse\DPInst_amd64.exe

Error: (01/22/2015 09:05:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe

Error: (01/22/2015 09:04:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Razer\Drivers\RzSynapse\DPInst_amd64.exe

Error: (01/20/2015 10:25:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe


==================== Memory info ===========================

Processor: AMD Athlon(tm) II P340 Dual-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 2811.7 MB
Available physical RAM: 1429.73 MB
Total Pagefile: 5621.68 MB
Available Pagefile: 3834.16 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.44 GB) (Free:89.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:148.65 GB) (Free:120.03 GB) NTFS
Drive h: (TheSims3CE) (Removable) (Total:1.8 GB) (Free:1 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 40FECE23)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=148.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1.8 GB) (Disk ID: 6B736964)
No partition Table on disk 2.

==================== End Of Log ============================


Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-25 05:06:54
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545032B9A300 rev.PB3OC64G 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Iceflex\AppData\Local\Temp\kwdiikoc.sys


---- Kernel code sections - GMER 2.1 ----

.text          ntkrnlpa.exe!ZwRequestWaitReplyPort + 14A5                                                  82A81A15 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                      82ABB372 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text          C:\Windows\system32\DRIVERS\atikmdag.sys                                                    section is writeable [0x9420E000, 0x2BFBF0, 0xE8000020]

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\fastfat \Fat                                                                    fltmgr.sys

---- Registry - GMER 2.1 ----

Reg            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active         
Reg            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@04EF972F  94

---- EOF - GMER 2.1 ----



Bericht meines Antiviren Programmes (Panda Free Antivir)
Code:
Ereignisse                            Datum/Zeit                Status                                                  Weitere Details
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Element entsperrt                    25.01.2015 04:49                                                                  Speicherort: C:\Users\Iceflex\Downloads\FRST.exe
Element entsperrt                    25.01.2015 04:49                                                                  Speicherort: C:\Users\Iceflex\Desktop\FRST.exe
Virus erkannt W32/Exploit.gen        25.01.2015 04:48          Neutralisiert                                          Speicherort: C:\Users\Iceflex\Downloads\FRST.exe
Virus erkannt W32/Exploit.gen        25.01.2015 04:47          Neutralisiert                                          Speicherort: C:\Users\Iceflex\Desktop\FRST.exe
Synchronisierung                      25.01.2015 00:18          Synchronisiert                                          Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Scan                                  24.01.2015 23:36          Beendet                                                Durchsuche: C:\Program Files\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E
Scan                                  24.01.2015 23:36          Gestartet                                              Durchsuche: C:\Program Files\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E
Synchronisierung                      24.01.2015 01:46          Synchronisiert                                          Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Synchronisierung                      22.01.2015 18:38          Synchronisiert                                          Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Synchronisierung                      22.01.2015 14:18          Synchronisiert                                          Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Synchronisierung                      21.01.2015 19:09          Synchronisiert                                          Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Synchronisierung                      20.01.2015 17:54          Synchronisiert                                          Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Trojaner erkannt Trj/CI.A            20.01.2015 15:10          Nach dem Neustart des Computers ist die Datei gelöscht  Speicherort: C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
Synchronisierung                      20.01.2015 11:27          Synchronisiert                                          Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Scan                                  20.01.2015 08:11          Beendet                                                Kompletter Scan (Gesamten Arbeitsplatz)
Trojaner erkannt Trj/CI.A            20.01.2015 05:35          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Temp\F6D3EXXXXX_Q\82A640F0B97E4194BF26733F05613445\wpm\wpm.exe
Cookie erkannt Cookie/Mediaplex      20.01.2015 04:46          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.mediaplex.com/]
Cookie erkannt Unbekannter Name      20.01.2015 04:46          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.doubleclick.net/]
Scan                                  20.01.2015 04:29          Gestartet                                              Kompletter Scan (Gesamten Arbeitsplatz)
Trojaner erkannt Trj/CI.A            20.01.2015 02:29          Gelöscht                                                Speicherort: C:\Windows\Temp\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237En.exe
Trojaner erkannt Trj/Chgt.C          20.01.2015 02:29          Gelöscht                                                Speicherort: C:\Windows\Temp\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237Eie.exe
Trojaner erkannt Trj/CI.A            20.01.2015 02:04          Gelöscht                                                Speicherort: C:\Users\Iceflex\Desktop\Plague.Inc.Evolved.v0.7.3.Cracked-3DM\Plague.Inc.Evolved.v0.7.3.Cracked-3DM\3DMGAME-Plague.Inc.Evolved.v0.7.3.Cracked-3DM\PlagueInc\steam_api.dll
Trojaner erkannt Trj/Genetic.gen      20.01.2015 01:52          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Temp\32334701\32334701.zipDir\tmp\SupTab_Setup302.exe
Trojaner erkannt Trj/CI.A            20.01.2015 01:48          Gelöscht                                                Speicherort: C:\ProgramData\WPM\update\update.exe
Trojaner erkannt Trj/Genetic.gen      20.01.2015 01:48          Gelöscht                                                Speicherort: C:\Program Files\SupTab\DpInterface32.dll
Trojaner erkannt Trj/CI.A            20.01.2015 01:42          Gelöscht                                                Speicherort: C:\Program Files\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E\eexvlcbkbu.exe
Trojaner erkannt Trj/Chgt.C          20.01.2015 01:21          Gelöscht                                                Speicherort: C:\Program Files\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E\gohymlmtrh.dll
Scan                                  20.01.2015 01:19          Gestartet                                              Kompletter Scan (Gesamten Arbeitsplatz)
Scan                                  20.01.2015 01:18          Beendet                                                Durchsuche: Kritische Bereiche
Cookie erkannt Cookie/Serving-sys    20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[bs.serving-sys.com/]
Cookie erkannt Cookie/Zedo            20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.zedo.com/]
Cookie erkannt Cookie/Tribalfusion    20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.tribalfusion.com/]
Cookie erkannt Cookie/Smartadserver  20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.smartadserver.com/]
Cookie erkannt Cookie/Serving-sys    20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.serving-sys.com/]
Cookie erkannt Cookie/QuestionMarket  20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.questionmarket.com/]
Cookie erkannt Cookie/Mediaplex      20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.mediaplex.com/]
Cookie erkannt Cookie/FastClick      20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.fastclick.net/]
Cookie erkannt Unbekannter Name      20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.doubleclick.net/]
Cookie erkannt Cookie/Casalemedia    20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.casalemedia.com/]
Cookie erkannt Cookie/BurstNet        20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.burstnet.com/]
Cookie erkannt Cookie/Serving-sys    20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.bs.serving-sys.com/]
Cookie erkannt Cookie/Advertising    20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.advertising.com/]
Cookie erkannt Cookie/Adtech          20.01.2015 01:17          Gelöscht                                                Speicherort: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Cookies[.adtech.de/]
Synchronisierung                      20.01.2015 01:11          Synchronisiert                                          Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Scan                                  20.01.2015 00:54          Gestartet                                              Durchsuche: Kritische Bereiche
Computer geimpft                      20.01.2015 00:50          Geimpft
Scan                                  20.01.2015 00:43          Abgebrochen                                            Durchsuche: Kritische Bereiche
Trojaner erkannt Trj/Genetic.gen      20.01.2015 00:27          Nach dem Neustart des Computers ist die Datei gelöscht  Speicherort: c:\windows\temp\db23.exe
Trojaner erkannt Trj/OCJ.F            20.01.2015 00:26          Nach dem Neustart des Computers ist die Datei gelöscht  Speicherort: C:\Program Files\004\rqpbhevlkc32.exe
Trojaner erkannt Trj/Genetic.gen      20.01.2015 00:25          Nach dem Neustart des Computers ist die Datei gelöscht  Speicherort: C:\ProgramData\IePluginServices\PluginService.exe
Scan                                  20.01.2015 00:23          Gestartet                                              Durchsuche: Kritische Bereiche
Computer geimpft                      20.01.2015 00:17          Geimpft

schrauber 25.01.2015 07:20
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Teknartor 25.01.2015 07:56
Code:
ComboFix 15-01-22.02 - Iceflex 25.01.2015  7:45.1.2 - x86
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.2812.2020 [GMT 1:00]
ausgeführt von:: c:\users\Iceflex\Desktop\ComboFix.exe
AV: Panda Free Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Panda Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Free Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-12-25 bis 2015-01-25  ))))))))))))))))))))))))))))))
.
.
2015-01-25 06:53 . 2015-01-25 06:53        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-01-25 03:49 . 2015-01-25 03:51        --------        d-----w-        C:\FRST
2015-01-25 02:43 . 2015-01-25 02:43        62576        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F318F5CD-3884-48E1-BE63-2D179E513F3C}\offreg.dll
2015-01-24 22:57 . 2015-01-25 00:37        --------        d-----w-        C:\AdwCleaner
2015-01-23 23:59 . 2014-12-15 03:13        9054624        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F318F5CD-3884-48E1-BE63-2D179E513F3C}\mpengine.dll
2015-01-22 23:34 . 2008-10-27 09:04        23376        ----a-w-        c:\windows\system32\X3DAudio1_5.dll
2015-01-20 21:00 . 2015-01-20 21:00        --------        d--h--w-        c:\program files\Common Files\EAInstaller
2015-01-19 23:18 . 2015-01-25 00:37        --------        d-----w-        c:\programdata\panda_url_filtering
2015-01-19 23:18 . 2015-01-19 23:18        --------        d-----w-        c:\programdata\Panda Security URL Filtering
2015-01-19 23:17 . 2014-03-25 13:15        48736        ----a-w-        c:\windows\system32\drivers\PSKMAD.sys
2015-01-19 23:17 . 2015-01-19 23:17        --------        d-----w-        c:\program files\pandasecuritytb
2015-01-19 23:16 . 2015-01-19 23:16        --------        d-----w-        c:\users\Iceflex\AppData\Roaming\Panda Security
2015-01-19 23:15 . 2015-01-19 23:18        --------        d-----w-        c:\program files\Panda Security
2015-01-19 21:43 . 2015-01-19 23:18        --------        d-----w-        c:\programdata\Panda Security
2015-01-15 19:10 . 2014-12-13 03:33        115712        ----a-w-        c:\windows\system32\ieUnatt.exe
2015-01-15 02:14 . 2015-01-15 02:15        --------        d-----w-        c:\users\Default\AppData\Roaming\Compatibility Verifier
2015-01-15 02:14 . 2015-01-15 02:14        --------        d-----w-        c:\users\Default\AppData\Local\Programs
2015-01-15 01:44 . 2015-01-15 01:44        --------        d-----w-        c:\windows\system32\appraiser
2015-01-14 22:38 . 2015-01-14 22:38        --------        d-----w-        c:\program files\Common Files\Java
2015-01-14 22:38 . 2015-01-14 22:38        96680        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
2015-01-14 22:38 . 2015-01-14 22:38        --------        d-----w-        c:\program files\Java
2015-01-14 19:25 . 2014-12-19 01:34        116224        ----a-w-        c:\windows\system32\drivers\mrxdav.sys
2015-01-14 19:23 . 2014-10-18 01:33        3209728        ----a-w-        c:\windows\system32\mf.dll
2015-01-14 19:23 . 2014-07-07 01:40        103424        ----a-w-        c:\windows\system32\mfps.dll
2015-01-14 19:23 . 2014-07-07 01:39        50176        ----a-w-        c:\windows\system32\rrinstaller.exe
2015-01-14 19:23 . 2014-07-07 01:39        23040        ----a-w-        c:\windows\system32\mfpmp.exe
2015-01-14 19:23 . 2014-07-07 01:37        2048        ----a-w-        c:\windows\system32\mferror.dll
2015-01-14 19:20 . 2014-12-12 05:11        3971512        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2015-01-14 19:20 . 2014-12-12 05:11        3916728        ----a-w-        c:\windows\system32\ntoskrnl.exe
2015-01-14 19:20 . 2014-12-11 17:47        46592        ----a-w-        c:\windows\system32\TSWbPrxy.exe
2015-01-14 19:20 . 2014-12-19 02:43        164864        ----a-w-        c:\windows\system32\profsvc.dll
2015-01-14 19:20 . 2014-12-06 03:50        242688        ----a-w-        c:\windows\system32\nlasvc.dll
2015-01-14 19:06 . 2015-01-14 19:06        --------        d-----w-        c:\programdata\Package Cache
2015-01-08 13:19 . 2014-10-03 01:44        442880        ----a-w-        c:\windows\system32\AUDIOKSE.dll
2015-01-08 13:19 . 2014-10-03 01:44        275968        ----a-w-        c:\windows\system32\EncDump.dll
2015-01-08 13:19 . 2014-10-03 01:44        475136        ----a-w-        c:\windows\system32\audiosrv.dll
2015-01-08 13:19 . 2014-10-03 01:44        374784        ----a-w-        c:\windows\system32\AudioEng.dll
2015-01-08 13:19 . 2014-10-03 01:44        195584        ----a-w-        c:\windows\system32\AudioSes.dll
2015-01-08 13:06 . 2014-11-08 02:45        2048        ----a-w-        c:\windows\system32\tzres.dll
2015-01-08 13:06 . 2014-10-18 01:33        571904        ----a-w-        c:\windows\system32\oleaut32.dll
2015-01-08 13:05 . 2014-11-11 01:32        74752        ----a-w-        c:\windows\system32\drivers\tdx.sys
2015-01-08 13:05 . 2014-11-11 02:44        1230336        ----a-w-        c:\windows\system32\WindowsCodecs.dll
2015-01-08 13:05 . 2014-11-11 02:44        550912        ----a-w-        c:\windows\system32\kerberos.dll
2015-01-08 13:05 . 2014-11-11 02:44        186880        ----a-w-        c:\windows\system32\pku2u.dll
2015-01-08 13:04 . 2014-08-12 01:36        701440        ----a-w-        c:\windows\system32\IMJP10K.DLL
2015-01-08 13:04 . 2014-10-14 01:50        2363904        ----a-w-        c:\windows\system32\msi.dll
2015-01-08 13:04 . 2014-08-21 06:26        1237504        ----a-w-        c:\windows\system32\msxml3.dll
2015-01-08 13:04 . 2014-08-21 06:23        2048        ----a-w-        c:\windows\system32\msxml3r.dll
2015-01-08 12:58 . 2014-10-10 00:45        2379264        ----a-w-        c:\windows\system32\win32k.sys
2015-01-08 12:58 . 2014-09-19 09:23        248832        ----a-w-        c:\windows\system32\schannel.dll
2015-01-08 12:58 . 2014-09-19 09:23        221184        ----a-w-        c:\windows\system32\ncrypt.dll
2015-01-08 12:58 . 2014-09-19 09:23        259584        ----a-w-        c:\windows\system32\msv1_0.dll
2015-01-08 12:58 . 2014-09-19 09:23        172032        ----a-w-        c:\windows\system32\wdigest.dll
2015-01-08 12:58 . 2014-09-19 09:23        65536        ----a-w-        c:\windows\system32\TSpkg.dll
2015-01-08 12:58 . 2014-09-19 09:23        17408        ----a-w-        c:\windows\system32\credssp.dll
2015-01-08 12:48 . 2014-10-25 01:32        67584        ----a-w-        c:\windows\system32\packager.dll
2015-01-08 12:46 . 2014-10-30 01:45        155136        ----a-w-        c:\windows\system32\charmap.exe
2015-01-08 12:46 . 2014-10-14 01:56        136632        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2015-01-08 12:46 . 2014-10-14 01:50        523776        ----a-w-        c:\windows\system32\termsrv.dll
2015-01-08 12:46 . 2014-10-14 01:50        1059840        ----a-w-        c:\windows\system32\lsasrv.dll
2015-01-08 12:46 . 2014-10-14 01:47        146432        ----a-w-        c:\windows\system32\msaudite.dll
2015-01-08 12:46 . 2014-10-14 01:46        681984        ----a-w-        c:\windows\system32\adtschema.dll
2015-01-08 12:46 . 2014-10-03 01:45        248832        ----a-w-        c:\windows\system32\WSManMigrationPlugin.dll
2015-01-08 12:46 . 2014-10-03 01:45        214016        ----a-w-        c:\windows\system32\WsmWmiPl.dll
2015-01-08 12:46 . 2014-10-03 01:45        145920        ----a-w-        c:\windows\system32\WsmAuto.dll
2015-01-08 12:46 . 2014-10-03 01:45        1177088        ----a-w-        c:\windows\system32\WsmSvc.dll
2015-01-08 12:46 . 2014-10-03 01:44        198656        ----a-w-        c:\windows\system32\WSManHTTPConfig.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-08 08:55 . 2014-01-18 20:33        249488        ------w-        c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2014-10-17 13:01        114952        ----a-w-        c:\program files\pandasecuritytb\pandasecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files\pandasecuritytb\pandasecurityDx.dll" [2014-10-17 114952]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-29 642304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"Razer Naga Driver"="c:\program files\Razer\Naga\RazerNagaSysTray.exe" [2011-11-16 953232]
"PSUAMain"="c:\program files\Panda Security\Panda Security Protection\PSUAMain.exe" [2014-10-16 37624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-01-27 280576]
.
c:\users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-3-19 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
@="Service"
.
R2 panda_url_filtering;panda_url_filtering Service;c:\programdata\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2014-09-19 283448]
R2 Verifies and fixes application compatibility issues;Compatibility Verify;c:\users\Iceflex\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 netr73;RT73-Drahtlostreiber für Vista von Conceptronic;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 Origin Client Service;Origin Client Service;c:\program files\Origin\OriginClientService.exe [2015-01-20 1903472]
R3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2011-11-15 103424]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-10 243128]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2014-06-04 88992]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2014-06-18 166816]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys [2014-06-04 110624]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2014-06-04 125216]
S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2014-01-16 40192]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2014-06-04 96160]
S1 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2014-06-04 61984]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2014-06-04 121888]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2014-06-04 288032]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2014-06-04 208800]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2014-06-04 109856]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2014-06-04 244000]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2014-06-04 96928]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2014-10-02 168208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-04-30 217088]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 291840]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-03-05 45184]
S2 NanoServiceMain;Panda Protection Service;c:\program files\Panda Security\Panda Security Protection\PSANHost.exe [2014-10-13 142072]
S2 PandaAgent;Panda Devices Agent;c:\program files\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2014-10-13 139536]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2014-10-13 105232]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2014-10-02 113936]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2014-10-02 124688]
S2 PSINReg;PSINReg;c:\windows\system32\DRIVERS\PSINReg.sys [2014-10-13 100112]
S2 PSUAService;Panda Product Service;c:\program files\Panda Security\Panda Security Protection\PSUAService.exe [2014-10-16 38136]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 panda_url_filteringd;panda_url_filteringd driver;c:\programdata\Panda Security URL Filtering\panda_url_filteringd.sys [2014-02-18 40024]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [2014-03-25 48736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys [2013-05-02 1334856]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - KWDIIKOC
*NewlyCreated* - PANDA_URL_FILTERINGD
*Deregistered* - kwdiikoc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-25 03:35        1086280        ----a-w-        c:\program files\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-06 00:26]
.
2015-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-06 00:26]
.
2015-01-19 c:\windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job
- c:\program files\Panda Security\Panda Security Protection\JobLauncher.exe [2014-10-13 20:02]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.178.1
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-01-25  07:54:37
ComboFix-quarantined-files.txt  2015-01-25 06:54
.
Vor Suchlauf: 9 Verzeichnis(se), 95.505.461.248 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 95.773.614.080 Bytes frei
.
- - End Of File - - 8DE36FF85B0057E430E0AB05680E4A46
A36C5E4F47E84449FF07ED3517B43A31

schrauber 25.01.2015 09:06
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Teknartor 25.01.2015 16:00
Ok alles erledigt

Malwarebytes Anti-Malware
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 25.01.2015
Suchlauf-Zeit: 14:48:49
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.25.06
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Iceflex

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 310820
Verstrichene Zeit: 13 Min, 10 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [c2d8b4471c6d65d112f64bab26dc20e0],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [b0eaba418405fe38476614e37a88d62a],
PUP.Optional.CompatibilityVerifier.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Verifies and fixes application compatibility issues, In Quarantäne, [0199d12ab9d03402a1252c4fb350e917],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 5
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\locales, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.AdPeak.A, C:\temp, In Quarantäne, [9604ac4f5d2cdd59d4e7d7cbc43f847c],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj, In Quarantäne, [bfdb916a7d0c4beb7a1a9fb455ae58a8],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp, In Quarantäne, [b5e573887d0c68ce64313320cb389769],

Dateien: 31
PUP.Optional.CouponDownloader.A, C:\temp\t_ff.exe, In Quarantäne, [e3b7c437e9a012241f81271cf010a25e],
PUP.Optional.CouponDownloader.A, C:\temp\t_ie.exe, In Quarantäne, [d4c6dc1fe6a335015a46053ef907659b],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\cef.pak, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\cef_100_percent.pak, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\cef_200_percent.pak, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\d3dcompiler_46.dll, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\debug.log, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\icudtl.dat, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\libEGL.dll, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\libGLESv2.dll, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\vcredist_x86.exe, In Quarantäne, [bfdb55a67712de588e36007beb18a45c],
PUP.Optional.SecurityProtection.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx, In Quarantäne, [4951ac4fc2c738fe1d33b5ca53b015eb],
PUP.Optional.AdPeak.A, C:\temp\lsp2.log, In Quarantäne, [9604ac4f5d2cdd59d4e7d7cbc43f847c],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter32.msi, In Quarantäne, [9604ac4f5d2cdd59d4e7d7cbc43f847c],
PUP.Optional.AdPeak.A, C:\temp\t.txt, In Quarantäne, [9604ac4f5d2cdd59d4e7d7cbc43f847c],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000005.ldb, In Quarantäne, [bfdb916a7d0c4beb7a1a9fb455ae58a8],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000006.log, In Quarantäne, [bfdb916a7d0c4beb7a1a9fb455ae58a8],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\CURRENT, In Quarantäne, [bfdb916a7d0c4beb7a1a9fb455ae58a8],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOCK, In Quarantäne, [bfdb916a7d0c4beb7a1a9fb455ae58a8],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG, In Quarantäne, [bfdb916a7d0c4beb7a1a9fb455ae58a8],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\MANIFEST-000004, In Quarantäne, [bfdb916a7d0c4beb7a1a9fb455ae58a8],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\000005.ldb, In Quarantäne, [b5e573887d0c68ce64313320cb389769],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\000006.log, In Quarantäne, [b5e573887d0c68ce64313320cb389769],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\CURRENT, In Quarantäne, [b5e573887d0c68ce64313320cb389769],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOCK, In Quarantäne, [b5e573887d0c68ce64313320cb389769],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOG, In Quarantäne, [b5e573887d0c68ce64313320cb389769],
PUP.Optional.Spigot.A, C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\MANIFEST-000004, In Quarantäne, [b5e573887d0c68ce64313320cb389769],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

ADW Cleaner Aktueller Bericht
Code:
# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 15:11:41
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-25.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Iceflex - ICEFLEX-LAPTOP
# Gestartet von : C:\Users\Iceflex\Desktop\AdwCleaner_4.109 (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v


-\\ Google Chrome v40.0.2214.91


*************************

AdwCleaner[R0].txt - [5020 octets] - [24/01/2015 23:58:29]
AdwCleaner[R1].txt - [933 octets] - [25/01/2015 01:31:05]
AdwCleaner[R2].txt - [1053 octets] - [25/01/2015 15:09:45]
AdwCleaner[S0].txt - [4858 octets] - [25/01/2015 00:12:14]
AdwCleaner[S1].txt - [993 octets] - [25/01/2015 01:37:09]
AdwCleaner[S2].txt - [976 octets] - [25/01/2015 15:11:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1035 octets] ##########

ADWCleaner Bericht von dem ersten Durchlauf vor einigen tagen
Code:
# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 00:12:14
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-24.4 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Iceflex - ICEFLEX-LAPTOP
# Gestartet von : C:\Users\Iceflex\Downloads\adwcleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : CouponDownloaderService
Dienst Gelöscht : netfilter
[#] Dienst Gelöscht : rqpbhevlkc32

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Users\Iceflex\AppData\Local\Slick Savings
Ordner Gelöscht : C:\Users\Iceflex\AppData\LocalLow\Search Settings
Ordner Gelöscht : C:\Users\Iceflex\AppData\Roaming\Slick Savings
Ordner Gelöscht : C:\Users\Iceflex\AppData\Roaming\sweet-page
[!] Ordner Gelöscht : C:\Users\Iceflex\AppData\Roaming\Compatibility Verifier
Datei Gelöscht : C:\Windows\system32\drivers\netfilter.sys
Datei Gelöscht : C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Iceflex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Iceflex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Iceflex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\delta-homesSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\supWPM
Schlüssel Gelöscht : HKLM\SOFTWARE\sweet-pageSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99


*************************

AdwCleaner[R0].txt - [5020 octets] - [24/01/2015 23:58:29]
AdwCleaner[S0].txt - [4718 octets] - [25/01/2015 00:12:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4778 octets] ##########

Junkware Removal Tool
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x86
Ran by Iceflex on 25.01.2015 at 15:17:46,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c817d3d8-b9da-521d-971d-2c0a747ea697}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{c817d3d8-b9da-521d-971d-2c0a747ea697}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.01.2015 at 15:21:56,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und das Aktuelle FRST Log


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Iceflex (administrator) on ICEFLEX-LAPTOP on 25-01-2015 15:23:14
Running from C:\Users\Iceflex\Desktop
Loaded Profiles: Iceflex (Available profiles: Iceflex)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd) C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [Razer Naga Driver] => C:\Program Files\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-01-27] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3896894060-1369374164-1376132773-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3896894060-1369374164-1376132773-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3896894060-1369374164-1376132773-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Iceflex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-16]
CHR Extension: (Google Drive) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-02]
CHR Extension: (YouTube) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-06]
CHR Extension: (Google-Suche) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-06]
CHR Extension: (Google Wallet) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-06]
CHR Extension: (Google Mail) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2015-01-20] (Electronic Arts)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [283448 2014-09-19] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-06-10] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [88992 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [166816 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110624 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [125216 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [40192 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [96160 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [61984 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [121888 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [288032 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [208800 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [109856 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [244000 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [96928 2014-06-04] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [40024 2014-02-18] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [139536 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105232 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168208 2014-10-02] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113936 2014-10-02] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124688 2014-10-02] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100112 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [48736 2014-03-25] (Panda Security, S.L.)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1334856 2013-05-02] (Realtek Semiconductor Corporation                          )
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [103424 2011-11-15] (Razer USA Ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Iceflex\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 15:21 - 2015-01-25 15:21 - 00001000 _____ () C:\Users\Iceflex\Desktop\JRT.txt
2015-01-25 15:17 - 2015-01-25 15:17 - 00000000 ____D () C:\Windows\ERUNT
2015-01-25 15:15 - 2015-01-25 15:15 - 01707939 _____ (Thisisu) C:\Users\Iceflex\Desktop\JRT.exe
2015-01-25 15:15 - 2015-01-25 15:11 - 00001115 _____ () C:\Users\Iceflex\Desktop\AdwCleaner[S2].txt
2015-01-25 15:15 - 2015-01-25 00:15 - 00004858 _____ () C:\Users\Iceflex\Desktop\AdwCleaner[S0].txt
2015-01-25 15:08 - 2015-01-25 15:08 - 00007800 _____ () C:\Users\Iceflex\Desktop\mbam.txt
2015-01-25 14:47 - 2015-01-25 15:13 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 14:46 - 2015-01-25 14:46 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-25 14:46 - 2015-01-25 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-25 14:46 - 2015-01-25 14:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-25 14:46 - 2015-01-25 14:46 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-25 14:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-25 14:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-25 14:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-25 14:44 - 2015-01-25 14:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Iceflex\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-25 07:54 - 2015-01-25 07:54 - 00014173 _____ () C:\ComboFix.txt
2015-01-25 07:43 - 2015-01-25 07:54 - 00000000 ____D () C:\Qoobox
2015-01-25 07:43 - 2015-01-25 07:53 - 00000000 ____D () C:\Windows\erdnt
2015-01-25 07:43 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-25 07:43 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-25 07:43 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-25 07:37 - 2015-01-25 07:38 - 05609462 ____R (Swearware) C:\Users\Iceflex\Desktop\ComboFix.exe
2015-01-25 06:42 - 2015-01-25 06:42 - 00003396 _____ () C:\Users\Iceflex\Downloads\UL_The.Forest.Public.Alpha.v0.12.Cracked-3DM-n8ox0in1u7ptk.dlc
2015-01-25 06:22 - 2015-01-25 06:22 - 00004528 _____ () C:\Users\Iceflex\Downloads\UL_Grey_Goo_MULTi2_-_x.X.RIDDICK.X.x-k18roinqxcm0w.dlc
2015-01-25 05:21 - 2015-01-21 17:23 - 00000000 ____D () C:\Users\Iceflex\Desktop\Mad Games Tycoon
2015-01-25 05:20 - 2015-01-25 05:21 - 69965746 _____ () C:\Users\Iceflex\Downloads\Mad Games Tycoon.rar
2015-01-25 05:12 - 2015-01-25 05:12 - 00021292 _____ () C:\Users\Iceflex\Desktop\Panda Antivir.txt
2015-01-25 05:06 - 2015-01-25 05:06 - 00001336 _____ () C:\Users\Iceflex\Desktop\Gmer.txt
2015-01-25 04:50 - 2015-01-25 04:51 - 00023581 _____ () C:\Users\Iceflex\Desktop\Addition.txt
2015-01-25 04:49 - 2015-01-25 15:23 - 00012560 _____ () C:\Users\Iceflex\Desktop\FRST.txt
2015-01-25 04:49 - 2015-01-25 15:23 - 00000000 ____D () C:\FRST
2015-01-25 04:49 - 2015-01-25 04:49 - 01120768 _____ (Farbar) C:\Users\Iceflex\Desktop\FRST.exe
2015-01-25 04:46 - 2015-01-25 04:47 - 00000546 _____ () C:\Users\Iceflex\Desktop\defogger_disable.log
2015-01-25 04:46 - 2015-01-25 04:46 - 00000154 _____ () C:\Users\Iceflex\defogger_reenable
2015-01-25 04:45 - 2015-01-25 04:45 - 00380416 _____ () C:\Users\Iceflex\Desktop\Gmer-19357.exe
2015-01-25 04:45 - 2015-01-25 04:45 - 00050477 _____ () C:\Users\Iceflex\Desktop\Defogger.exe
2015-01-25 04:32 - 2015-01-25 04:34 - 176594039 _____ () C:\Users\Iceflex\Downloads\StranXDeXv0.01-3DM.rar
2015-01-24 23:57 - 2015-01-25 15:11 - 00000000 ____D () C:\AdwCleaner
2015-01-24 23:45 - 2015-01-24 23:45 - 02194432 _____ () C:\Users\Iceflex\Desktop\adwcleaner_4.109.exe
2015-01-23 00:35 - 2015-01-23 00:35 - 00000000 ____D () C:\Users\Iceflex\Documents\My Games
2015-01-23 00:35 - 2015-01-23 00:35 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-23 00:35 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-23 00:35 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-23 00:35 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-23 00:34 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-23 00:34 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-23 00:34 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-23 00:34 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-23 00:34 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-23 00:34 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-23 00:34 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-23 00:34 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-23 00:34 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-23 00:34 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-23 00:34 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-23 00:34 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-23 00:34 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-23 00:34 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-23 00:34 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-23 00:34 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-23 00:34 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-23 00:34 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-23 00:34 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-23 00:34 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-23 00:34 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-23 00:34 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-23 00:34 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-23 00:34 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-01-23 00:34 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-01-23 00:34 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-01-23 00:34 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-23 00:34 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-23 00:34 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-23 00:34 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-01-23 00:34 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-23 00:34 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-23 00:34 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-23 00:34 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-23 00:34 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-23 00:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-23 00:34 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-23 00:34 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-23 00:34 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-23 00:34 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-23 00:34 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-23 00:34 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-23 00:34 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-23 00:34 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-23 00:34 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-23 00:34 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-20 22:02 - 2015-01-20 22:02 - 00000000 ____D () C:\Users\Iceflex\Documents\Electronic Arts
2015-01-20 22:00 - 2015-01-20 22:00 - 00001300 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2015-01-20 22:00 - 2015-01-20 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2015-01-20 00:22 - 2015-01-20 00:50 - 00000382 ____H () C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job
2015-01-20 00:18 - 2015-01-25 15:11 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2015-01-20 00:18 - 2015-01-20 00:18 - 00000000 ____D () C:\ProgramData\Panda Security URL Filtering
2015-01-20 00:17 - 2015-01-20 00:17 - 00000000 ____D () C:\Program Files\pandasecuritytb
2015-01-20 00:17 - 2014-03-25 14:15 - 00048736 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-01-20 00:16 - 2015-01-20 00:16 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Panda Security
2015-01-20 00:15 - 2015-01-20 00:18 - 00000000 ____D () C:\Program Files\Panda Security
2015-01-20 00:15 - 2015-01-20 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-01-19 22:49 - 2015-01-19 22:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RzSynapse_01007.Wdf
2015-01-19 22:46 - 2015-01-19 22:49 - 00008128 _____ () C:\Windows\DPINST.LOG
2015-01-19 22:45 - 2015-01-19 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-01-19 22:43 - 2015-01-20 00:18 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-19 16:40 - 2015-01-24 23:33 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prime Games
2015-01-19 16:40 - 2015-01-19 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prime Games
2015-01-19 15:37 - 2015-01-19 15:37 - 00000000 ____D () C:\Windows\system32\directx
2015-01-19 03:42 - 2015-01-19 03:42 - 00016464 _____ () C:\Users\Iceflex\Desktop\clickerHeroSave.txt
2015-01-15 20:10 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-15 02:53 - 2015-01-24 03:16 - 00000112 _____ () C:\ProgramData\ShmOH2h.dat
2015-01-15 02:44 - 2015-01-15 02:44 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-14 23:38 - 2015-01-14 23:38 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\Program Files\Java
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-14 20:25 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 20:23 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-14 20:23 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-14 20:23 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-14 20:23 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-14 20:23 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-14 20:20 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 20:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 20:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 20:20 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 20:20 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 20:06 - 2015-01-14 20:06 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-08 14:33 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-08 14:33 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-08 14:33 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-08 14:33 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-08 14:33 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-08 14:33 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-08 14:33 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-08 14:33 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-08 14:33 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-08 14:33 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-08 14:33 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-08 14:33 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-08 14:33 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-08 14:33 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-08 14:33 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-08 14:33 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-08 14:33 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-08 14:33 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-08 14:33 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-08 14:33 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-08 14:33 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-08 14:33 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-08 14:33 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-08 14:33 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-08 14:33 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-08 14:33 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-08 14:33 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-08 14:33 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-08 14:33 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-08 14:33 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-08 14:33 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-08 14:33 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-08 14:29 - 2015-01-08 14:32 - 00000000 ____D () C:\Users\Iceflex\Documents\Heroes of the Storm
2015-01-08 14:19 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-08 14:06 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-08 14:06 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-08 14:05 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-08 14:04 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-08 14:04 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-08 14:04 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-08 14:04 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-08 13:58 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-08 13:58 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-08 13:48 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-08 13:46 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-08 13:46 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-08 13:46 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-08 13:46 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-08 13:46 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-08 13:46 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-08 13:46 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 15:20 - 2009-07-14 05:34 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 15:20 - 2009-07-14 05:34 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 15:13 - 2014-01-06 01:26 - 00000000 ____D () C:\Users\Iceflex\AppData\Local\Deployment
2015-01-25 15:12 - 2014-01-06 01:30 - 00040736 _____ () C:\Windows\PFRO.log
2015-01-25 15:12 - 2014-01-06 01:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-25 15:12 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 15:12 - 2009-07-14 05:39 - 00037357 _____ () C:\Windows\setupact.log
2015-01-25 15:11 - 2014-01-06 00:22 - 01798343 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 15:05 - 2014-01-06 01:26 - 00000000 ____D () C:\Users\Iceflex\AppData\Local\Apps\2.0
2015-01-25 14:32 - 2014-01-06 01:26 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 07:54 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2015-01-25 07:54 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-01-25 07:53 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2015-01-25 04:48 - 2014-11-03 23:57 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-01-25 04:46 - 2014-01-06 00:22 - 00000000 ____D () C:\Users\Iceflex
2015-01-25 04:38 - 2014-01-06 01:27 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 04:30 - 2014-01-06 00:24 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 00:13 - 2014-01-06 01:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-25 00:13 - 2014-01-06 00:23 - 00001156 _____ () C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-23 00:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-22 14:13 - 2014-03-02 19:49 - 00000000 ____D () C:\Program Files\Origin
2015-01-21 19:19 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Origin
2015-01-20 22:01 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-01-20 22:00 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-20 18:05 - 2014-11-03 22:33 - 00000000 ____D () C:\Program Files\Origin Games
2015-01-20 18:03 - 2014-03-02 19:50 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Origin
2015-01-20 18:01 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-20 04:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-01-20 00:50 - 2009-07-14 05:33 - 00300160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-20 00:16 - 2014-01-06 01:26 - 00059336 _____ () C:\Users\Iceflex\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-19 22:45 - 2014-11-02 23:35 - 00000000 ____D () C:\Program Files\Razer
2015-01-19 16:38 - 2014-06-10 10:07 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\DAEMON Tools Lite
2015-01-19 16:38 - 2014-06-10 10:05 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-18 14:07 - 2014-03-20 12:57 - 00000000 ____D () C:\Users\Iceflex\AppData\Local\Battle.net
2015-01-18 02:07 - 2014-01-26 16:52 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2015-01-18 02:04 - 2014-03-20 12:58 - 00000000 ____D () C:\Program Files\Hearthstone
2015-01-16 06:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-01-16 03:08 - 2014-01-19 03:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 03:02 - 2014-01-19 03:06 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-15 02:44 - 2014-05-18 13:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-15 02:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-15 02:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-01-14 23:38 - 2014-07-17 21:47 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-08 14:30 - 2014-01-26 18:09 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-01-08 13:23 - 2014-03-20 12:56 - 00000000 ____D () C:\Program Files\Battle.net
2015-01-08 09:55 - 2014-01-18 21:33 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-01-15 02:53 - 2015-01-24 03:16 - 0000112 _____ () C:\ProgramData\ShmOH2h.dat

Files to move or delete:
====================
C:\ProgramData\ShmOH2h.dat
C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job


Some content of TEMP:
====================
C:\Users\Iceflex\AppData\Local\Temp\Quarantine.exe
C:\Users\Iceflex\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 02:02

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Hatte grade einen Bluescreen und beim starten stand das da

Code:
Problemsignatur:
  Problemereignisname:        BlueScreen
  Betriebsystemversion:        6.1.7601.2.1.0.768.3
  Gebietsschema-ID:        1031

Zusatzinformationen zum Problem:
  BCCode:        50
  BCP1:        8593B030
  BCP2:        00000000
  BCP3:        82A74F58
  BCP4:        00000000
  OS Version:        6_1_7601
  Service Pack:        1_0
  Product:        768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
  C:\Windows\Minidump\012515-19234-01.dmp
  C:\Users\Iceflex\AppData\Local\Temp\WER-110433-0.sysdata.xml

Lesen Sie unsere Datenschutzbestimmungen online:
  hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407

Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline:
  C:\Windows\system32\de-DE\erofflps.txt
Nun weiß ich woher der Bluescreen kommt.
Wollte Heroes of the Storm von Blizzard Aktualisieren und dabei kommt es dazu.
Das ist erst seit der Bereinigung so.

schrauber 25.01.2015 18:50
Und was soll die Bereinigung bitte mit deinem Spiel zu tun haben? :)



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte.

Teknartor 25.01.2015 22:28
Keine ahnung :D ist halt erst seit dem. Aber das ist nun egal hab es Deinstalliert.

hier die Logs


Eset

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f24679e0cc6d8540b7b0836e2b3b2482
# engine=22139
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-25 09:15:08
# local_time=2015-01-25 10:15:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Panda Cloud Antivirus'
# compatibility_mode=1552 16777213 75 93 457260 208416482 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 21702 173851699 0 0
# scanned=119407
# found=14
# cleaned=0
# scan_time=2688
sh=977B60DEF45F24048D040ECDCAA65BB332C6B449 ft=1 fh=164dad5fc31d40af vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Iceflex\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe.vir"
sh=2C8981A59216CCB644BE5FBC92DBB7F8F0188F99 ft=1 fh=6aad921543298e71 vn="Variante von Win32/AdSuproot.A Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Iceflex\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe.vir"
sh=D95DA6EB1B41CE144BC78AA7EF8FDBA782692156 ft=1 fh=038f0e9c2aa6fcd9 vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Iceflex\AppData\Roaming\Compatibility Verifier\d3dcompiler_46.dll.vir"
sh=6FAC18F40A0B9D8591E636CB3B40208DE00A527D ft=1 fh=f4fb7f62c46286d7 vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Iceflex\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll.vir"
sh=2E6E4C2FDF55F1E6CB989861ABC276BF28DE1F0C ft=1 fh=ab455342bbbbf6b6 vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Iceflex\AppData\Roaming\Compatibility Verifier\libEGL.dll.vir"
sh=A759EFBF880BDF0268F7ACA91E5C7CFA184EC6BA ft=1 fh=8b9d0fa7f7d4506b vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Iceflex\AppData\Roaming\Compatibility Verifier\libGLESv2.dll.vir"
sh=560236056E7C0D6603562B7296CBA8EDA6B081D5 ft=1 fh=27394455615c306e vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Iceflex\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll.vir"
sh=4F683AAB8E424D178D939877B20502BBA6CCED04 ft=0 fh=0000000000000000 vn="JS/Adware.Spigot.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Iceflex\AppData\Roaming\Slick Savings\coupons_2.9.xpi.vir"
sh=15219C0F274C5C9956981C91ABEC5D4E3A1F6442 ft=1 fh=3fec66b3c1704bce vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
sh=41DE1AFF8AC7BF30EA7F952825E02FA6EC6A306D ft=1 fh=cfbb424d50a0cab5 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\pandasecuritytb\dtUser.exe"
sh=30E5E6B0B58E73CADC4D59EE657E07E5AE9F5813 ft=1 fh=f84afab4951a6e89 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\pandasecuritytb\pandasecurityDx.dll"
sh=81374ADC5FD8E52504FA3E9A88C38EAA56058384 ft=1 fh=2c5c7dc7e05fe486 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\pandasecuritytb\pandasecuritytb.dll"
sh=E7BE248270ADB6CFE09811005F34DE547FE0CE91 ft=1 fh=c46ab8787c7013e7 vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Iceflex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XC39ACX\zipper1[1].exe"
sh=DF34017E08EAE5D311A0CC21DFF3B08156A5AFD9 ft=1 fh=b3f652237b339d9d vn="Variante von Win32/InstallCore.VW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Iceflex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q84DXBSZ\JDownloaderSetup_CH[1].exe"

SercurityCheck

Code:
Results of screen317's Security Check version 0.99.93 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Panda Free Antivirus 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 71 
 Google Chrome (39.0.2171.99)
 Google Chrome (40.0.2214.91)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

und das frische FRST Log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Iceflex (administrator) on ICEFLEX-LAPTOP on 25-01-2015 22:23:59
Running from C:\Users\Iceflex\Desktop
Loaded Profiles: Iceflex (Available profiles: Iceflex)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Razer USA Ltd) C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Users\Iceflex\Desktop\SecurityCheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [Razer Naga Driver] => C:\Program Files\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-01-27] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3896894060-1369374164-1376132773-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3896894060-1369374164-1376132773-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3896894060-1369374164-1376132773-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Iceflex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-16]
CHR Extension: (Google Drive) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-02]
CHR Extension: (YouTube) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-06]
CHR Extension: (Google-Suche) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-06]
CHR Extension: (Google Wallet) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-06]
CHR Extension: (Google Mail) - C:\Users\Iceflex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2015-01-20] (Electronic Arts)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [283448 2014-09-19] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-06-10] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [88992 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [166816 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110624 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [125216 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [40192 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [96160 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [61984 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [121888 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [288032 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [208800 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [109856 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [244000 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [96928 2014-06-04] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [40024 2014-02-18] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [139536 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105232 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168208 2014-10-02] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113936 2014-10-02] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124688 2014-10-02] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100112 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [48736 2014-03-25] (Panda Security, S.L.)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1334856 2013-05-02] (Realtek Semiconductor Corporation                          )
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [103424 2011-11-15] (Razer USA Ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Iceflex\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 22:23 - 2015-01-25 22:24 - 00012262 _____ () C:\Users\Iceflex\Desktop\FRST.txt
2015-01-25 22:23 - 2015-01-25 22:23 - 00000849 _____ () C:\Users\Iceflex\Desktop\checkup.txt
2015-01-25 22:20 - 2015-01-25 22:20 - 00852504 _____ () C:\Users\Iceflex\Desktop\SecurityCheck.exe
2015-01-25 20:50 - 2015-01-25 20:50 - 02347384 _____ (ESET) C:\Users\Iceflex\Desktop\esetsmartinstaller_deu.exe
2015-01-25 16:27 - 2015-01-25 16:27 - 00000000 ____D () C:\Users\Iceflex\Documents\Petroglyph
2015-01-25 15:55 - 2015-01-25 15:56 - 00143576 _____ () C:\Windows\Minidump\012515-17066-01.dmp
2015-01-25 15:39 - 2015-01-25 15:39 - 00000753 _____ () C:\Users\Iceflex\Documents\bluescreen.txt
2015-01-25 15:36 - 2015-01-25 15:55 - 283180725 _____ () C:\Windows\MEMORY.DMP
2015-01-25 15:36 - 2015-01-25 15:55 - 00000000 ____D () C:\Windows\Minidump
2015-01-25 15:36 - 2015-01-25 15:36 - 00143576 _____ () C:\Windows\Minidump\012515-19234-01.dmp
2015-01-25 15:24 - 2015-01-25 22:18 - 00000000 ____D () C:\Users\Iceflex\Desktop\Neuer Ordner
2015-01-25 15:17 - 2015-01-25 15:17 - 00000000 ____D () C:\Windows\ERUNT
2015-01-25 14:47 - 2015-01-25 22:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 14:46 - 2015-01-25 14:46 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-25 14:46 - 2015-01-25 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-25 14:46 - 2015-01-25 14:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-25 14:46 - 2015-01-25 14:46 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-25 14:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-25 14:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-25 14:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-25 07:54 - 2015-01-25 07:54 - 00014173 _____ () C:\ComboFix.txt
2015-01-25 07:43 - 2015-01-25 07:54 - 00000000 ____D () C:\Qoobox
2015-01-25 07:43 - 2015-01-25 07:53 - 00000000 ____D () C:\Windows\erdnt
2015-01-25 07:43 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-25 07:43 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-25 07:43 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-25 07:43 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-25 07:37 - 2015-01-25 07:38 - 05609462 ____R (Swearware) C:\Users\Iceflex\Desktop\ComboFix.exe
2015-01-25 06:42 - 2015-01-25 06:42 - 00003396 _____ () C:\Users\Iceflex\Downloads\UL_The.Forest.Public.Alpha.v0.12.Cracked-3DM-n8ox0in1u7ptk.dlc
2015-01-25 06:22 - 2015-01-25 06:22 - 00004528 _____ () C:\Users\Iceflex\Downloads\UL_Grey_Goo_MULTi2_-_x.X.RIDDICK.X.x-k18roinqxcm0w.dlc
2015-01-25 05:21 - 2015-01-21 17:23 - 00000000 ____D () C:\Users\Iceflex\Desktop\Mad Games Tycoon
2015-01-25 05:20 - 2015-01-25 05:21 - 69965746 _____ () C:\Users\Iceflex\Downloads\Mad Games Tycoon.rar
2015-01-25 04:49 - 2015-01-25 22:24 - 00000000 ____D () C:\FRST
2015-01-25 04:49 - 2015-01-25 04:49 - 01120768 _____ (Farbar) C:\Users\Iceflex\Desktop\FRST.exe
2015-01-25 04:46 - 2015-01-25 04:46 - 00000154 _____ () C:\Users\Iceflex\defogger_reenable
2015-01-25 04:32 - 2015-01-25 04:34 - 176594039 _____ () C:\Users\Iceflex\Downloads\StranXDeXv0.01-3DM.rar
2015-01-24 23:57 - 2015-01-25 15:11 - 00000000 ____D () C:\AdwCleaner
2015-01-23 00:35 - 2015-01-23 00:35 - 00000000 ____D () C:\Users\Iceflex\Documents\My Games
2015-01-23 00:35 - 2015-01-23 00:35 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-23 00:35 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-23 00:35 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-23 00:35 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-23 00:35 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-23 00:35 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-23 00:35 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-01-23 00:35 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-23 00:35 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-23 00:35 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-23 00:35 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-23 00:35 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-23 00:34 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-23 00:34 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-23 00:34 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-23 00:34 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-23 00:34 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-23 00:34 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-23 00:34 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-23 00:34 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-23 00:34 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-23 00:34 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-23 00:34 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-23 00:34 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-23 00:34 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-23 00:34 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-23 00:34 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-23 00:34 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-23 00:34 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-23 00:34 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-23 00:34 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-23 00:34 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-23 00:34 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-23 00:34 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-23 00:34 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-23 00:34 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-23 00:34 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-23 00:34 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-23 00:34 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-01-23 00:34 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-01-23 00:34 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-01-23 00:34 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-23 00:34 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-23 00:34 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-23 00:34 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-01-23 00:34 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-23 00:34 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-23 00:34 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-23 00:34 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-23 00:34 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-23 00:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-23 00:34 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-23 00:34 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-23 00:34 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-23 00:34 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-23 00:34 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-23 00:34 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-23 00:34 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-23 00:34 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-23 00:34 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-23 00:34 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-20 22:02 - 2015-01-20 22:02 - 00000000 ____D () C:\Users\Iceflex\Documents\Electronic Arts
2015-01-20 22:00 - 2015-01-20 22:00 - 00001300 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2015-01-20 22:00 - 2015-01-20 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2015-01-20 00:22 - 2015-01-20 00:50 - 00000382 ____H () C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job
2015-01-20 00:18 - 2015-01-25 17:20 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2015-01-20 00:18 - 2015-01-20 00:18 - 00000000 ____D () C:\ProgramData\Panda Security URL Filtering
2015-01-20 00:17 - 2015-01-20 00:17 - 00000000 ____D () C:\Program Files\pandasecuritytb
2015-01-20 00:17 - 2014-03-25 14:15 - 00048736 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-01-20 00:16 - 2015-01-20 00:16 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Panda Security
2015-01-20 00:15 - 2015-01-20 00:18 - 00000000 ____D () C:\Program Files\Panda Security
2015-01-20 00:15 - 2015-01-20 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-01-19 22:49 - 2015-01-19 22:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RzSynapse_01007.Wdf
2015-01-19 22:46 - 2015-01-19 22:49 - 00008128 _____ () C:\Windows\DPINST.LOG
2015-01-19 22:45 - 2015-01-19 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-01-19 22:43 - 2015-01-20 00:18 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-19 16:40 - 2015-01-24 23:33 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prime Games
2015-01-19 16:40 - 2015-01-19 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prime Games
2015-01-19 15:37 - 2015-01-25 16:26 - 00000000 ____D () C:\Windows\system32\directx
2015-01-19 03:42 - 2015-01-19 03:42 - 00016464 _____ () C:\Users\Iceflex\Desktop\clickerHeroSave.txt
2015-01-15 20:10 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-15 03:16 - 2015-01-15 03:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-15 02:53 - 2015-01-24 03:16 - 00000112 _____ () C:\ProgramData\ShmOH2h.dat
2015-01-15 02:44 - 2015-01-15 02:44 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-14 23:38 - 2015-01-14 23:38 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-14 23:38 - 2015-01-14 23:38 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\Program Files\Java
2015-01-14 23:38 - 2015-01-14 23:38 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-14 20:25 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 20:23 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-14 20:23 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-14 20:23 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-14 20:23 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-14 20:23 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-14 20:20 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 20:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 20:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 20:20 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 20:20 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 20:06 - 2015-01-14 20:06 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-08 14:33 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-08 14:33 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-08 14:33 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-08 14:33 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-08 14:33 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-08 14:33 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-08 14:33 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-08 14:33 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-08 14:33 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-08 14:33 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-08 14:33 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-08 14:33 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-08 14:33 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-08 14:33 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-08 14:33 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-08 14:33 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-08 14:33 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-08 14:33 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-08 14:33 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-08 14:33 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-08 14:33 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-08 14:33 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-08 14:33 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-08 14:33 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-08 14:33 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-08 14:33 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-08 14:33 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-08 14:33 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-08 14:33 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-08 14:33 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-08 14:33 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-08 14:33 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-08 14:33 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-08 14:29 - 2015-01-08 14:32 - 00000000 ____D () C:\Users\Iceflex\Documents\Heroes of the Storm
2015-01-08 14:19 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-08 14:19 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-08 14:06 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-08 14:06 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-08 14:05 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-08 14:05 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-08 14:04 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-08 14:04 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-08 14:04 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-08 14:04 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-08 13:58 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-08 13:58 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-08 13:58 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-08 13:48 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-08 13:46 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-08 13:46 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-08 13:46 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-08 13:46 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-08 13:46 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-08 13:46 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-08 13:46 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-08 13:46 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 22:10 - 2014-01-06 00:22 - 01838183 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 21:32 - 2014-01-06 01:26 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 20:57 - 2009-07-14 05:34 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 20:57 - 2009-07-14 05:34 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 20:48 - 2014-01-06 01:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-25 20:48 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 20:47 - 2009-07-14 05:39 - 00037525 _____ () C:\Windows\setupact.log
2015-01-25 17:10 - 2014-03-20 12:57 - 00000000 ____D () C:\Users\Iceflex\AppData\Local\Battle.net
2015-01-25 16:40 - 2014-01-26 16:52 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2015-01-25 15:52 - 2014-11-03 23:57 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-01-25 15:13 - 2014-01-06 01:26 - 00000000 ____D () C:\Users\Iceflex\AppData\Local\Deployment
2015-01-25 15:12 - 2014-01-06 01:30 - 00040736 _____ () C:\Windows\PFRO.log
2015-01-25 15:05 - 2014-01-06 01:26 - 00000000 ____D () C:\Users\Iceflex\AppData\Local\Apps\2.0
2015-01-25 07:54 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2015-01-25 07:54 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-01-25 07:53 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2015-01-25 04:46 - 2014-01-06 00:22 - 00000000 ____D () C:\Users\Iceflex
2015-01-25 04:38 - 2014-01-06 01:27 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 04:30 - 2014-01-06 00:24 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 00:13 - 2014-01-06 01:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-25 00:13 - 2014-01-06 00:23 - 00001156 _____ () C:\Users\Iceflex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-23 00:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-22 14:13 - 2014-03-02 19:49 - 00000000 ____D () C:\Program Files\Origin
2015-01-21 19:19 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Origin
2015-01-20 22:01 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-01-20 22:00 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-20 18:05 - 2014-11-03 22:33 - 00000000 ____D () C:\Program Files\Origin Games
2015-01-20 18:03 - 2014-03-02 19:50 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\Origin
2015-01-20 18:01 - 2014-03-02 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-20 04:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-01-20 00:50 - 2009-07-14 05:33 - 00300160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-20 00:16 - 2014-01-06 01:26 - 00059336 _____ () C:\Users\Iceflex\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-19 22:45 - 2014-11-02 23:35 - 00000000 ____D () C:\Program Files\Razer
2015-01-19 16:38 - 2014-06-10 10:07 - 00000000 ____D () C:\Users\Iceflex\AppData\Roaming\DAEMON Tools Lite
2015-01-19 16:38 - 2014-06-10 10:05 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-18 02:04 - 2014-03-20 12:58 - 00000000 ____D () C:\Program Files\Hearthstone
2015-01-16 06:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-01-16 03:08 - 2014-01-19 03:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 03:02 - 2014-01-19 03:06 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-15 02:44 - 2014-05-18 13:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-15 02:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-15 02:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-01-14 23:38 - 2014-07-17 21:47 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-08 14:30 - 2014-01-26 18:09 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-01-08 13:23 - 2014-03-20 12:56 - 00000000 ____D () C:\Program Files\Battle.net
2015-01-08 09:55 - 2014-01-18 21:33 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-01-15 02:53 - 2015-01-24 03:16 - 0000112 _____ () C:\ProgramData\ShmOH2h.dat

Files to move or delete:
====================
C:\ProgramData\ShmOH2h.dat
C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job


Some content of TEMP:
====================
C:\Users\Iceflex\AppData\Local\Temp\Quarantine.exe
C:\Users\Iceflex\AppData\Local\Temp\sqlite3.dll
C:\Users\Iceflex\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 02:02

==================== End Of Log ============================
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Iceflex at 2015-01-25 22:24:56
Running from C:\Users\Iceflex\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Free Antivirus (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead Island: Epidemic (HKLM\...\Steam App 222900) (Version:  - Stunlock Studios)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.26.89 - Electronic Arts)
Die Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.3.32.1010 - Electronic Arts Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 15.00.04.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM\...\pandasecuritytb) (Version: 4.2.1.7 - Panda Security and Visicom Media Inc.)
Panda Security URL Filtering (HKLM\...\Panda Security URL Filtering) (Version: 2.0.2.0 - Panda Security)
Razer Naga (HKLM\...\{ED4108A9-60FD-4F18-AF42-122219977773}) (Version: 3.03.01 - Razer USA Ltd.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-3896894060-1369374164-1376132773-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
WinRAR 5.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3896894060-1369374164-1376132773-1000_Classes\CLSID\{164304c3-953b-4b0c-b12d-d1d0cef6b1e9}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3896894060-1369374164-1376132773-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Iceflex\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Restore Points  =========================

23-01-2015 00:32:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
23-01-2015 00:33:34 DirectX wurde installiert
24-01-2015 00:59:18 Windows Update
25-01-2015 07:44:00 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {6533827E-42BC-4AAE-8E90-40CEB06C41CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-06] (Google Inc.)
Task: {7076A6C1-ECC3-49DF-A14C-33D1D8C9BD63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-06] (Google Inc.)
Task: {A28E4391-FE3B-40DB-8C27-D88107B970C3} - System32\Tasks\{1B874B03-E710-4B92-985E-433F533E4488} => C:\Program Files\Panda Security\Panda Security Protection\JobLauncher.exe [2014-10-13] (Panda Security, S.L.)
Task: {F142DAE2-2694-434A-A467-BC1EFCF2E649} - System32\Tasks\{BA8D3420-32BA-4AA4-9485-3F78442A5FF6} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0007 -removeonly

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job => C:\Program Files\Panda Security\Panda Security Protection\JobLauncher.exe

==================== Loaded Modules (whitelisted) =============

2013-04-29 22:24 - 2013-04-29 22:24 - 00065024 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll
2013-04-29 22:24 - 2013-04-29 22:24 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 22:08 - 2013-04-29 22:08 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-01-25 22:20 - 2015-01-25 22:20 - 00852504 _____ () C:\Users\Iceflex\Desktop\SecurityCheck.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3896894060-1369374164-1376132773-500 - Administrator - Disabled)
Gast (S-1-5-21-3896894060-1369374164-1376132773-501 - Limited - Disabled)
Iceflex (S-1-5-21-3896894060-1369374164-1376132773-1000 - Administrator - Enabled) => C:\Users\Iceflex

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2015 04:38:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6b4f6c6a
ID des fehlerhaften Prozesses: 0x14cc
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3


System errors:
=============
Error: (01/25/2015 08:48:52 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (01/25/2015 08:48:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/25/2015 03:56:45 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (01/25/2015 03:56:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/25/2015 03:56:02 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000050 (0xb0ab9030, 0x00000000, 0x82a6ff40, 0x00000000)C:\Windows\MEMORY.DMP012515-17066-01

Error: (01/25/2015 03:55:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎01.‎2015 um 15:54:33 unerwartet heruntergefahren.

Error: (01/25/2015 03:38:03 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (01/25/2015 03:36:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/25/2015 03:36:46 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000050 (0x8593b030, 0x00000000, 0x82a74f58, 0x00000000)C:\Windows\MEMORY.DMP012515-19234-01

Error: (01/25/2015 03:36:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎01.‎2015 um 15:35:18 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (01/25/2015 04:38:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7unknown0.0.0.000000000c00000056b4f6c6a14cc01d038b4fc72dad3C:\Windows\explorer.exeunknown3df8df64-a4a8-11e4-a498-88ae1df57596


==================== Memory info ===========================

Processor: AMD Athlon(tm) II P340 Dual-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 2811.7 MB
Available physical RAM: 1597.68 MB
Total Pagefile: 5621.68 MB
Available Pagefile: 4238.05 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.44 GB) (Free:111.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:148.65 GB) (Free:111.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 40FECE23)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=148.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 26.01.2015 11:35
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\ProgramData\ShmOH2h.dat
C:\Windows\Tasks\{1B874B03-E710-4B92-985E-433F533E4488}.job
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Teknartor 26.01.2015 16:57
Habe vergessen das fixlog zu posten... Jetzt ist es weg...

Kann soll ich das nochmal machen?

Aber sonst ist alles okay und vielen Herzlichen dank für die Hilfe.

schrauber 26.01.2015 18:30
nee passt.

Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:35 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131