Guten Tag,

ich habe mir wohl paar Sachen eingefangen.

1. Öffnen sich die websearch.Mocaflix Seiten beim Starten meines Browsers
2. In der AddOn Liste wird ein sogenanntes AddOn Namens; LyricsPal angezeigt. Nicht möglich zu löschen und von Malwarebytes als infiziert markiert worden.
3. Insgesamt ist mein Browser (Google Chrome) ziemlich langsam geworden.

defogger

Code: Alles auswählenAufklappen

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:51 on 19/07/2013 (Krystel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

OTL

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 19.07.2013 18:52:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Krystel\Desktop\board
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,22% Memory free
8,20 Gb Paging File | 5,97 Gb Available in Paging File | 72,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 327,54 Gb Total Space | 154,63 Gb Free Space | 47,21% Space Free | Partition Type: NTFS
Drive E: | 592,25 Gb Total Space | 496,37 Gb Free Space | 83,81% Space Free | Partition Type: NTFS
 
Computer Name: KRYSTEL-PC | User Name: Krystel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.19 18:52:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Krystel\Desktop\board\OTL.exe
PRC - [2013.07.14 20:45:40 | 000,567,880 | ---- | M] () -- C:\Program Files (x86)\puush\puush.exe
PRC - [2013.06.27 12:35:15 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.06.27 12:35:00 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.06.27 12:35:00 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.06.21 23:48:26 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.06.05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
PRC - [2013.05.16 16:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.07.14 20:45:40 | 000,567,880 | ---- | M] () -- C:\Program Files (x86)\puush\puush.exe
MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013.07.12 20:48:52 | 000,601,552 | ---- | M] () -- C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013.07.12 20:48:51 | 000,123,344 | ---- | M] () -- C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013.07.12 14:19:41 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59375bfcbdf9a51a963b71c10f6204d4\System.Runtime.Remoting.ni.dll
MOD - [2013.07.12 14:19:34 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\798504f7455735fbc9abe8d6ebe73f03\System.Configuration.ni.dll
MOD - [2013.07.12 14:04:07 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4a249ccdc8817127b91bc36d1aa52b5e\System.Xml.ni.dll
MOD - [2013.07.12 14:03:53 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f58a8a55eda29b5a43af20c4568f7f91\System.Windows.Forms.ni.dll
MOD - [2013.07.12 14:03:45 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6ac6cab47b69e44769c726610e7f29bc\System.Drawing.ni.dll
MOD - [2013.07.12 14:02:47 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e3cc2cbffd5fb21da64e93d9b6c27c7c\System.ni.dll
MOD - [2013.07.12 14:02:29 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2009.03.29 22:40:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.07.15 13:11:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.06 20:34:55 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.27 12:35:15 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.06.27 12:35:00 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.05.16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.14 02:00:00 | 004,722,728 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.04.26 12:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Programme\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV - [2009.03.29 22:42:16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.14 18:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2005.03.09 21:50:18 | 000,018,944 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.27 23:38:13 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.27 23:38:13 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.27 23:38:13 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.31 10:45:10 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2012.05.12 13:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012.02.29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 21:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tap0901.sys -- (tap0901)
DRV:64bit: - [2011.12.07 20:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.04.27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2010.04.27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2010.04.27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2008.02.22 19:54:00 | 000,019,496 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV - [2013.02.05 10:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.03.09 21:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=ds&q={searchTerms}&installDate=10/07/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=ds&q={searchTerms}&installDate=10/07/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=hp&installDate=10/07/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=ds&q={searchTerms}&installDate=10/07/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=ds&q={searchTerms}&installDate=10/07/2013
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Bdf4e4df5-5cb7-46b0-9aef-6c784c3249f8%7D:1.2.0
FF - prefs.js..extensions.enabledAddons: firefox%40mega.co.nz:1.0.3
FF - prefs.js..extensions.enabledAddons: %7Bdb2f991b-106f-477d-a712-c771073b6e79%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B9309FA47-1B48-4768-AFA4-9E0556F5DC81%7D:1.122
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..keyword.URL: "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=ds&installDate=10/07/2013&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.06 20:34:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9309FA47-1B48-4768-AFA4-9E0556F5DC81}: C:\Program Files (x86)\LyricsPal\122.xpi [2013.07.15 13:07:57 | 000,007,431 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.06 20:34:48 | 000,000,000 | ---D | M]
 
[2013.02.03 17:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krystel\AppData\Roaming\mozilla\Extensions
[2013.07.12 16:45:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krystel\AppData\Roaming\mozilla\Firefox\Profiles\8zu5s3ea.default\extensions
[2013.07.12 16:45:38 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Krystel\AppData\Roaming\mozilla\Firefox\Profiles\8zu5s3ea.default\extensions\{db2f991b-106f-477d-a712-c771073b6e79}
[2013.07.07 05:59:36 | 000,000,000 | ---D | M] (FoxyDeal) -- C:\Users\Krystel\AppData\Roaming\mozilla\Firefox\Profiles\8zu5s3ea.default\extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
[2013.07.06 19:44:44 | 002,168,615 | ---- | M] () (No name found) -- C:\Users\Krystel\AppData\Roaming\mozilla\firefox\profiles\8zu5s3ea.default\extensions\firebug@software.joehewitt.com.xpi
[2013.07.09 13:38:29 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Krystel\AppData\Roaming\mozilla\firefox\profiles\8zu5s3ea.default\extensions\firefox@mega.co.nz.xpi
[2013.06.07 13:32:21 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Krystel\AppData\Roaming\mozilla\firefox\profiles\8zu5s3ea.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.06.30 00:27:34 | 000,026,136 | ---- | M] () (No name found) -- C:\Users\Krystel\AppData\Roaming\mozilla\firefox\profiles\8zu5s3ea.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
[2013.07.06 20:34:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.07.06 20:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.06 20:34:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.07.15 13:07:57 | 000,007,431 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\LYRICSPAL\122.XPI
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: YouTube = C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: AdBlock = C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: ProxMate - Improve your Internet! = C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.8_0\
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [puush] C:\Program Files (x86)\puush\puush.exe ()
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED0AD528-8918-45F6-A371-C5AAF664B1A4}: DhcpNameServer = 192.168.178.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Krystel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Krystel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.07.07 05:13:41 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8d8777ce-87f9-11e2-83fb-00242150365f}\Shell - "" = AutoRun
O33 - MountPoints2\{8d8777ce-87f9-11e2-83fb-00242150365f}\Shell\AutoRun\command - "" = L:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.19 18:50:56 | 000,000,000 | ---D | C] -- C:\Users\Krystel\Desktop\board
[2013.07.15 20:57:29 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Local\NVIDIA
[2013.07.15 13:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsPal
[2013.07.14 05:57:11 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Local\master131
[2013.07.14 05:40:25 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
[2013.07.11 21:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.07.10 17:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2013.07.10 17:26:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2013.07.07 05:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FoxyDeal
[2013.07.07 05:47:13 | 004,722,728 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2013.07.07 05:47:05 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2013.07.07 05:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2013.07.07 05:43:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.07.07 05:41:28 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Roaming\PiccShare
[2013.07.07 05:41:28 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Roaming\Common
[2013.07.07 05:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flyff
[2013.07.07 05:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\gPotato.eu
[2013.07.07 05:32:11 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2013.07.07 05:32:11 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Local\Temp
[2013.07.07 05:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.07.07 05:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.07.07 00:14:00 | 000,000,000 | ---D | C] -- C:\Users\Krystel\Desktop\alex
[2013.07.06 20:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.03 23:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
[2013.07.03 23:26:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoIt3
[2013.07.01 18:05:13 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.07.01 15:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
[2013.07.01 15:27:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.3
[2013.06.26 22:53:03 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Roaming\vlc
[2013.06.26 22:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.06.26 22:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.06.26 22:17:18 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
[2013.06.23 23:06:05 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Roaming\DivX
[2013.06.23 23:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.06.23 22:59:18 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.06.23 22:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.06.23 22:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2013.06.23 22:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.06.23 22:36:41 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.06.23 22:36:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
[2013.06.23 22:33:28 | 000,000,000 | ---D | C] -- C:\Users\Krystel\Desktop\idk
[2013.06.23 22:33:05 | 000,000,000 | ---D | C] -- C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2013.06.23 22:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2013.06.23 22:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.19 18:57:11 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.19 18:51:31 | 000,000,000 | ---- | M] () -- C:\Users\Krystel\defogger_reenable
[2013.07.19 18:46:44 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.19 18:46:44 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.19 18:16:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA.job
[2013.07.19 14:47:30 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Lyrics-Pal Update.job
[2013.07.19 14:46:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.19 14:46:38 | 4294,172,672 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.19 14:45:55 | 000,001,501 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.07.17 14:16:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core.job
[2013.07.17 01:46:50 | 000,056,320 | ---- | M] () -- C:\Users\Krystel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.14 15:28:35 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.07.13 19:22:30 | 000,002,058 | ---- | M] () -- C:\Users\Krystel\Desktop\Google Chrome.lnk
[2013.07.12 14:00:23 | 000,282,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.11 21:43:16 | 002,640,946 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.11 21:43:16 | 001,252,300 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.11 21:43:16 | 000,778,750 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.11 21:43:16 | 000,695,934 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.11 21:43:15 | 000,006,972 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.10 17:26:22 | 000,000,930 | ---- | M] () -- C:\Users\Krystel\Desktop\Cheat Engine.lnk
[2013.07.07 05:41:21 | 000,001,513 | ---- | M] () -- C:\Users\Public\Desktop\Flyff.lnk
[2013.07.07 05:19:09 | 001,273,625 | ---- | M] () -- C:\Users\Krystel\Desktop\zoek.exe
[2013.07.07 05:13:41 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.07.03 23:47:22 | 000,000,377 | ---- | M] () -- C:\Users\Krystel\SciTE.session
[2013.06.21 14:06:36 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.06.21 14:06:36 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.06.21 14:06:36 | 000,021,578 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.19 18:51:31 | 000,000,000 | ---- | C] () -- C:\Users\Krystel\defogger_reenable
[2013.07.14 15:28:35 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.07.10 17:44:28 | 000,002,294 | ---- | C] () -- C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2013.07.10 17:26:22 | 000,000,930 | ---- | C] () -- C:\Users\Krystel\Desktop\Cheat Engine.lnk
[2013.07.07 05:59:24 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\Lyrics-Pal Update.job
[2013.07.07 05:47:05 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2013.07.07 05:41:21 | 000,001,513 | ---- | C] () -- C:\Users\Public\Desktop\Flyff.lnk
[2013.07.07 05:19:07 | 001,273,625 | ---- | C] () -- C:\Users\Krystel\Desktop\zoek.exe
[2013.07.07 05:13:41 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.07.03 23:32:25 | 000,000,377 | ---- | C] () -- C:\Users\Krystel\SciTE.session
[2013.07.01 18:18:23 | 000,021,578 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.06.23 22:53:30 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.06.04 16:05:06 | 000,917,504 | ---- | C] () -- C:\Windows\SysWow64\dtsdecoderdll.dll
[2013.06.04 16:05:06 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2013.06.02 10:59:13 | 000,000,680 | ---- | C] () -- C:\Users\Krystel\AppData\Local\d3d9caps.dat
[2013.03.03 19:00:27 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\qzpz.dll
[2013.03.03 04:12:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013.03.03 04:12:01 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2013.03.03 04:10:37 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2013.02.24 16:54:09 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013.02.23 12:09:32 | 000,007,823 | ---- | C] () -- C:\Users\Krystel\ESt2012_Moncayo_Nuhn_Jose_Manuel.elfo
[2013.02.20 09:49:26 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.02.20 09:49:26 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.02.20 09:19:30 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2013.02.20 09:07:58 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2013.02.13 14:15:02 | 000,000,854 | ---- | C] () -- C:\Users\Krystel\AppData\Local\recently-used.xbel
[2013.02.04 00:24:13 | 001,634,798 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.03 18:27:50 | 000,056,320 | ---- | C] () -- C:\Users\Krystel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.18 11:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.12.18 11:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.12.18 11:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.12.18 11:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
 
========== ZeroAccess Check ==========
 
[2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 01:11:16 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.05.18 19:36:59 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Aeria Games & Entertainment
[2013.05.18 19:59:27 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Awesomium
[2013.07.19 16:14:55 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\BoL
[2013.07.07 05:41:28 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Common
[2013.02.23 11:38:30 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\elsterformular
[2013.04.08 21:21:40 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\EPSON
[2013.02.24 15:19:13 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\fltk.org
[2013.05.06 02:28:14 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\GarenaPlus
[2013.02.14 07:38:13 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\ICQ-Profile
[2013.02.14 07:33:47 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\ICQM
[2013.02.03 21:18:02 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\LolClient
[2013.02.24 16:31:52 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\MotioninJoy
[2013.07.07 05:41:28 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\PiccShare
[2013.03.03 15:45:39 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Publish Providers
[2013.06.15 21:27:11 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\puush
[2013.03.03 15:53:32 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Red Giant Link
[2013.02.24 18:33:32 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Samsung
[2013.05.23 19:12:04 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Screaming Bee
[2013.06.22 23:38:15 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Sony
[2013.06.26 22:17:18 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
[2013.07.11 23:45:14 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\Spotify
[2013.06.12 16:20:31 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\TeamViewer
[2013.07.18 17:29:05 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\TS3Client
[2013.02.23 12:43:57 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\VBA-M
[2013.02.23 13:41:12 | 000,000,000 | ---D | M] -- C:\Users\Krystel\AppData\Roaming\WinISO Computing
 
========== Purity Check ==========
 
 

< End of report >
         

Extras

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 19.07.2013 18:52:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Krystel\Desktop\board
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,22% Memory free
8,20 Gb Paging File | 5,97 Gb Available in Paging File | 72,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 327,54 Gb Total Space | 154,63 Gb Free Space | 47,21% Space Free | Partition Type: NTFS
Drive E: | 592,25 Gb Total Space | 496,37 Gb Free Space | 83,81% Space Free | Partition Type: NTFS
 
Computer Name: KRYSTEL-PC | User Name: Krystel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = 01 01 19 11 B9 17 CE 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3029538542-3273361527-2256941593-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 2
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01636551-7CC5-4EE5-8543-62D68242C9B7}" = lport=137 | protocol=17 | dir=in | app=system | 
"{06AD667A-BBC1-4220-BEA1-21325B2CF1FB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{10A68F17-165D-448E-AB9F-0676DD87608A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{27B6AB97-EA85-443E-B0E5-9742E5C559D1}" = rport=137 | protocol=17 | dir=out | app=system | 
"{339278FE-36BF-4C56-B893-85E68ACEAA4B}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4A125863-6C26-45EC-BD59-FE75468FDFD5}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A492887F-31C2-4AFE-8693-C8A006D81A9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{BD140B85-88E7-4321-AFB7-5D2AD954CAB3}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BFCC4477-9A11-43D3-8300-D867CC8F741E}" = rport=138 | protocol=17 | dir=out | app=system | 
"{D39BBEF5-905D-4D36-B0E1-67224E4E9E0C}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08F13F5F-5B46-47A7-B508-4369EBA38806}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{13F5FB11-577B-48C0-BEBD-F4E76216FF48}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
"{283D7D60-C0CF-44FC-B002-26C53760464F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{2FA48411-C177-48BA-A1AA-499DAD52E5FC}" = protocol=17 | dir=in | app=c:\users\krystel\appdata\roaming\icqm\icq.exe | 
"{3420D4AF-E962-41AD-8244-1959B030C1EE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{39E4E0F0-41D1-48A7-A82C-FD6BBA2BD29C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{3CF79118-4239-429D-8EE4-A5262C9CC717}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{4A2F25C0-26F6-4DCE-8E60-5344E0026949}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{759D7E9E-82EA-43BF-B53B-AD468309ABE2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7A52D970-0279-4EA3-8FA3-C386FAA8DC41}" = protocol=6 | dir=in | app=c:\users\krystel\appdata\roaming\icqm\icq.exe | 
"{88DB35B8-FE8E-47B2-B051-BA42548843FF}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{9A173262-FB38-45F5-923B-86D628F0650F}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{BD2EB19D-0869-40EB-98CD-DDBD2C374DB5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{BE2AE9EF-185A-44B0-8CDA-891CFC307AA2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{D8061530-FCD9-4263-AF17-11F120F4B609}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{DA258A29-C300-46D7-9103-E218832FC662}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
"{F16B2782-0E39-44A6-B90E-46E4B233A298}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
"{FD26B9B3-0AC0-46B1-B64C-4FFA4182A679}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
"TCP Query User{0031EC39-E16A-42EC-B79E-45A0EF0529FE}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"TCP Query User{2CF4E4E2-F0F8-45A7-AE15-25FF12672B93}C:\program files\sony\vegas pro 12.0\vegas120.exe" = protocol=6 | dir=in | app=c:\program files\sony\vegas pro 12.0\vegas120.exe | 
"TCP Query User{56B4A59C-9871-430B-BED3-E867FA345865}C:\users\krystel\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\krystel\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{6FDFC0F6-19AA-480C-94C7-9EF184804384}C:\users\krystel\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\krystel\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{9D6945AB-E8D5-4B44-967A-1AAB4C50DC8F}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"TCP Query User{F34C0192-2DCA-4FD3-9B6A-88DB939B0A4F}C:\users\krystel\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\krystel\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{FF70EFCD-31F9-4EEA-B6C9-8A6525F0447C}C:\users\krystel\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\krystel\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{1A10EA5A-FA70-4646-A6E1-B9FF1F880AB8}C:\users\krystel\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\krystel\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{2D23FD89-9D75-4E71-96AC-122900221501}C:\users\krystel\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\krystel\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{32E43DF8-7692-4A7B-9B18-AEED8EFC7111}C:\program files\sony\vegas pro 12.0\vegas120.exe" = protocol=17 | dir=in | app=c:\program files\sony\vegas pro 12.0\vegas120.exe | 
"UDP Query User{3324D9C1-8BF3-42BC-862C-A4F73F65A0C6}C:\users\krystel\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\krystel\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{6EC3397E-2A83-4372-89C6-1B226F93AA46}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"UDP Query User{98F70B9F-91CD-4AF6-BC01-B47A5876399F}C:\users\krystel\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\krystel\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{E382F0CD-92A3-4CCA-A719-F26D30C93A6F}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.5.0002
"{3C09DE13-867C-4289-9F95-4510BB3A5F57}" = Magic Bullet Suite 64-bit
"{7A0D09B0-6575-11E2-89D5-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{7E708ADE-6575-11E2-8713-F04DA23A5C58}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"CCleaner" = CCleaner
"CyberGhost VPN_is1" = CyberGhost VPN
"EPSON SX110 Series" = EPSON SX110 Series Printer Uninstall
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.7
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{080FE95E-5A89-4A54-BAAA-D769971B7C2D}" = Corel Home Office 5.0.36
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{7613592F-B20C-4E1B-B2DD-67F0784D4373}" = Energy Settings
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{C3592426-531E-4110-911D-BFECE2CE284B}" = puush
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{FCFE3F81-C977-4D31-877B-2778BB2A02DE}" = Preset Manager 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AutoItv3" = AutoIt v3.3.8.1
"Avira AntiVir Desktop" = Avira Free Antivirus
"AviSynth" = AviSynth 2.5
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"Cheat Engine 6.3_is1" = Cheat Engine 6.3
"Crossfire Europe" = Crossfire Europe
"ElsterFormular" = ElsterFormular
"EPSON Scanner" = EPSON Scan
"ffdshow_is1" = ffdshow v1.3.4513 [2013-05-25]
"Fraps" = Fraps (remove only)
"HaaliMkx" = Haali Media Splitter
"InstallShield_{3C09DE13-867C-4289-9F95-4510BB3A5F57}" = Magic Bullet Suite 64-bit
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"LOLReplay" = LOLReplay
"LoLTW" = Garena *^¶¯Áp·ù¡]¥xÆW¡^
"MacroGamer" = MacroGamer 2.7.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 240" = Counter-Strike: Source
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{939d5956-f9bb-438a-9df7-a457f5a95992}" = Snap.Do Engine
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"ICQ" = ICQ 8.0 (build 5999, für aktuellen Benutzer)
"MyFreeCodec" = MyFreeCodec
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.07.2013 06:47:30 | Computer Name = Krystel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.07.2013 14:07:36 | Computer Name = Krystel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.07.2013 16:52:45 | Computer Name = Krystel-PC | Source = Application Error | ID = 1000
Error - 16.07.2013 19:42:25 | Computer Name = Krystel-PC | Source = Application 
Hang | ID = 1002
 
Description = Programm Neuz.exe, Version 3.8.22.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 808
Anfangszeit: 01ce827e142ddd35
Zeitpunkt der Beendigung: 82
Error - 17.07.2013 07:51:28 | Computer Name = Krystel-PC | Source = WinMgmt | ID
 = 10
 
Description = 
Error - 17.07.2013 13:32:09 | Computer Name = Krystel-PC | Source = WinMgmt | ID
 = 10
 
Description = 
Error - 18.07.2013 09:28:49 | Computer Name = Krystel-PC | Source = WinMgmt | ID
 = 10
 
Description = 
Error - 18.07.2013 12:49:59 | Computer Name = Krystel-PC | Source = Application 
Error | ID = 1000
 
Description = Fehlerhafte Anwendung rads_user_kernel.exe, Version 0.0.0.0, Zeitstempel 0x4e65c1ac, fehlerhaftes Modul rads_user_kernel.exe, Version 0.0.0.0, Zeitstempel 0x4e65c1ac, Ausnahmecode 0xc0000005, Fehleroffset 0x000b8554,
Prozess-ID 0xd1c, Anwendungsstartzeit 01ce83d6d2ad98d7.
Error - 18.07.2013 12:50:04 | Computer Name = Krystel-PC | Source = Application 
Error | ID = 1000
 
Description = Fehlerhafte Anwendung rads_user_kernel.exe, Version 0.0.0.0, Zeitstempel 0x4e65c1ac, fehlerhaftes Modul rads_user_kernel.exe, Version 0.0.0.0, Zeitstempel 0x4e65c1ac, Ausnahmecode 0xc0000005, Fehleroffset 0x000b8554,
Prozess-ID 0x1464, Anwendungsstartzeit 01ce83d6da05bfe4.
Error - 19.07.2013 08:40:16 | Computer Name = Krystel-PC | Source = WinMgmt | ID
 = 10
 
Description = 
Error - 19.07.2013 08:48:26 | Computer Name = Krystel-PC | Source = WinMgmt | ID
 = 10
 
Description = 
 
Error encountered while reading event logs.
 
< End of report >
         

MBAM

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.19.01

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Krystel :: KRYSTEL-PC [Administrator]

19.07.2013 04:35:34
mbam-log-2013-07-19 (04-35-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 689144
Laufzeit: 2 Stunde(n), 4 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCR\QMDispatch.QMFunction (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Program Files (x86)\LyricsPal\Lyrics.exe (PUP.LyricsAd) -> Keine Aktion durchgeführt.
C:\Users\Krystel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSCH54ZI\LyricsPal_1060-8101_v122[1] (PUP.LyricsAd) -> Keine Aktion durchgeführt.
C:\Users\Krystel\AppData\Local\Temp\lyricsPaltmp.exe (PUP.LyricsAd) -> Keine Aktion durchgeführt.
C:\Users\Krystel\Downloads\Toms.rar (HackTool.Agent.H) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

ADW#1

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.305 - Datei am 15/07/2013 um 22:27:45 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : Krystel - KRYSTEL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Krystel\Downloads\AdwCleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\foxydeal.sqlite
Gelöscht mit Neustart : C:\Program Files (x86)\FoxyDeal
Gelöscht mit Neustart : C:\Program Files (x86)\LyricsPal

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C8FBE488-BAF5-4019-A7F7-C888045987D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8FBE488-BAF5-4019-A7F7-C888045987D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\lrcspal@lyricspal.co

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\prefs.js

C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Gelöscht : user_pref("extensions.helperbar.Visibility", false);

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.2681] : urls_to_restore_on_startup = [ "hxxp://websearch.mocaflix.com/", "" ]

*************************

AdwCleaner[R1].txt - [2531 octets] - [02/07/2013 13:38:05]
AdwCleaner[R2].txt - [6753 octets] - [13/07/2013 14:06:29]
AdwCleaner[R3].txt - [2249 octets] - [15/07/2013 22:26:20]
AdwCleaner[S1].txt - [2455 octets] - [02/07/2013 13:38:43]
AdwCleaner[S2].txt - [6790 octets] - [13/07/2013 14:06:56]
AdwCleaner[S3].txt - [2295 octets] - [15/07/2013 22:27:45]

########## EOF - C:\AdwCleaner[S3].txt - [2355 octets] ##########
         

ADW#2

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.305 - Datei am 19/07/2013 um 14:45:05 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : Krystel - KRYSTEL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Krystel\Downloads\AdwCleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\foxydeal.sqlite
Gelöscht mit Neustart : C:\Program Files (x86)\FoxyDeal
Gelöscht mit Neustart : C:\Program Files (x86)\LyricsPal

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\prefs.js

Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Gelöscht : user_pref("extensions.helperbar.Visibility", false);

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.2863] : urls_to_restore_on_startup = [ "hxxp://websearch.mocaflix.com/", "" ]

*************************

AdwCleaner[R1].txt - [2531 octets] - [02/07/2013 13:38:05]
AdwCleaner[R2].txt - [6753 octets] - [13/07/2013 14:06:29]
AdwCleaner[R3].txt - [2249 octets] - [15/07/2013 22:26:20]
AdwCleaner[R4].txt - [1915 octets] - [19/07/2013 14:44:34]
AdwCleaner[S1].txt - [2455 octets] - [02/07/2013 13:38:43]
AdwCleaner[S2].txt - [6790 octets] - [13/07/2013 14:06:56]
AdwCleaner[S3].txt - [2424 octets] - [15/07/2013 22:27:45]
AdwCleaner[S4].txt - [1860 octets] - [19/07/2013 14:45:05]

########## EOF - C:\AdwCleaner[S4].txt - [1920 octets] ##########
         

GMER schließt sich mitten drin immer.

!Eine Frage nebenbei hätte ich noch. Passt vielleicht nicht genau hier her, aber vilt. weiß ja jemand bescheid.

Ich benutze einen Grundig WXGA ca 20Zoll 16:9 Bildschirm als Monitor für meinen PC.
Hatte immer die Auflösung 1600x1200 drin, nur dies ist seit den letzten Wochen nicht mehr möglich.

Ich kann zwar die Auflösung einstellen, das Bild verzerrt sich aber zu weit nach rechts, so das ein Stück des Bildes fehlt.
Verschiedene Treiber, Einstellungen (Über den PC und den TV) probiert. Funktioniert alles nicht.

An was könnte das liegen?

mfg

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-07-2013
Ran by Krystel (administrator) on 19-07-2013 19:55:59
Running from C:\Users\Krystel\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\puush\puush.exe
(Spotify Ltd) C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [152064 2008-07-03] (Microsoft Corporation)
HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-14] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-21] (Spotify Ltd)
HKCU\...\Run: [Google Update] - C:\Users\Krystel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-03] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
MountPoints2: {8d8777ce-87f9-11e2-83fb-00242150365f} - L:\Install.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NPSStartup] -  [x]
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=hp&installDate=10/07/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=ds&q={searchTerms}&installDate=10/07/2013
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default
FF NewTab: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=nt&installDate=10/07/2013&q=
FF Homepage: about:home
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=ds&installDate=10/07/2013&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{db2f991b-106f-477d-a712-c771073b6e79}
FF Extension: FoxyDeal - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: firebug - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: firefox - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firefox@mega.co.nz.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}] C:\Program Files (x86)\LyricsPal\122.xpi
FF Extension: No Name - C:\Program Files (x86)\LyricsPal\122.xpi

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://websearch.mocaflix.com/", ""
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (YouTube) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (AdBlock) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (ProxMate - Improve your Internet!) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.8_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S1 StarOpen; No ImagePath
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
U3 fxtiafoc; \??\C:\Users\Krystel\AppData\Local\Temp\fxtiafoc.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-19 19:55 - 2013-07-19 19:55 - 01778207 _____ (Farbar) C:\Users\Krystel\Desktop\FRST64.exe
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:50 - 2013-07-19 19:55 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-15 22:27 - 2013-07-15 22:28 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 13:07 - 2013-07-15 13:07 - 00000000 ____D C:\Program Files (x86)\LyricsPal
2013-07-15 13:06 - 2013-07-15 22:29 - 00000848 _____ C:\Windows\PFRO.log
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 00:27 - 2013-07-14 00:31 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 14:06 - 2013-07-13 14:07 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00662345 _____ C:\Users\Krystel\Downloads\AdwCleaner.exe
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 13:43 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 13:43 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 13:43 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 13:43 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 13:43 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 13:43 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-12 13:43 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 13:43 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 13:43 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 13:43 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 13:43 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 13:43 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-12 13:43 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:16 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-11 21:16 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-11 21:03 - 2013-07-11 21:10 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-11 18:12 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 18:12 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 18:11 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 18:11 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 18:11 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 18:11 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-11 18:11 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 18:06 - 2013-07-07 05:43 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 22:53 - 2013-07-09 23:00 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:42 - 2013-07-09 18:43 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 05:59 - 2013-07-19 19:05 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:47 - 2013-03-14 02:00 - 04722728 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2013-07-07 05:47 - 2005-01-02 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2013-07-07 05:47 - 2003-07-18 23:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:20 - 2013-07-07 05:19 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:19 - 2013-07-11 18:06 - 00002284 _____ C:\zoek-results.log
2013-07-07 05:19 - 2013-07-07 05:19 - 01273625 _____ C:\Users\Krystel\Desktop\zoek.exe
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:12 - 2013-07-07 05:18 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-07 00:14 - 2013-07-17 01:48 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-06 17:55 - 2013-07-06 18:14 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:20 - 2013-07-04 16:21 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:32 - 2013-07-03 23:47 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:38 - 2013-07-02 13:39 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:18 - 2013-06-21 14:06 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-07-01 18:18 - 2013-02-10 05:25 - 01807136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6420294.dll
2013-07-01 18:18 - 2013-02-10 05:25 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6420162.dll
2013-07-01 18:13 - 2013-07-01 18:15 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:02 - 2013-07-01 18:04 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:56 - 2013-06-29 21:57 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:48 - 2013-06-29 20:53 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:19 - 2013-06-29 20:21 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:17 - 2013-06-29 20:18 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-26 22:53 - 2013-07-14 01:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 21:57 - 2013-06-26 22:15 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:06 - 2013-06-25 15:15 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:37 - 2013-06-24 14:53 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 23:01 - 2013-07-14 15:34 - 00000000 ____D C:\Program Files\DivX
2013-06-23 22:59 - 2013-07-14 15:34 - 00000000 ____D C:\ProgramData\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:53 - 2013-05-27 15:07 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:33 - 2013-06-23 22:34 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:32 - 2013-06-23 22:33 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:25 - 2013-06-23 22:28 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar
2013-06-20 21:54 - 2013-06-20 21:55 - 00367480 _____ C:\Users\Krystel\Downloads\KIZ-Spast [Lyrics].mp3.sfk

==================== One Month Modified Files and Folders =======

2013-07-19 19:55 - 2013-07-19 19:55 - 01778207 _____ (Farbar) C:\Users\Krystel\Desktop\FRST64.exe
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:55 - 2013-07-19 18:50 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 19:16 - 2013-02-03 17:44 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA.job
2013-07-19 19:09 - 2013-02-03 17:27 - 01966380 _____ C:\Windows\WindowsUpdate.log
2013-07-19 19:05 - 2013-07-07 05:59 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-19 19:05 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-19 19:04 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-19 19:04 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-19 19:04 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-19 19:03 - 2006-11-02 17:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-19 18:57 - 2013-03-13 10:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:51 - 2013-02-03 17:32 - 00000000 ____D C:\Users\Krystel
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 16:14 - 2013-05-13 16:24 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\BoL
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:45 - 2013-06-05 09:12 - 00001501 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-19 05:29 - 2013-05-07 19:18 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F134943-7C99-49C6-907B-5B3836641A3D}
2013-07-18 17:29 - 2013-02-04 14:38 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\TS3Client
2013-07-17 14:16 - 2013-02-03 17:43 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core.job
2013-07-17 01:48 - 2013-07-07 00:14 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-17 01:47 - 2013-03-03 18:46 - 00000000 ____D C:\Users\Krystel\Desktop\qmacro
2013-07-17 01:46 - 2013-02-03 18:27 - 00056320 _____ C:\Users\Krystel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-15 22:29 - 2013-07-15 13:06 - 00000848 _____ C:\Windows\PFRO.log
2013-07-15 22:28 - 2013-07-15 22:27 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 20:57 - 2013-02-03 18:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-15 13:11 - 2013-03-13 10:31 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-15 13:11 - 2013-03-13 10:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-15 13:11 - 2013-03-13 10:31 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 13:11 - 2013-02-14 06:55 - 00000000 ____D C:\Users\Krystel\AppData\Local\Adobe
2013-07-15 13:07 - 2013-07-15 13:07 - 00000000 ____D C:\Program Files (x86)\LyricsPal
2013-07-14 20:45 - 2013-06-15 21:26 - 00000000 ____D C:\Program Files (x86)\puush
2013-07-14 15:36 - 2013-02-14 07:02 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-14 15:36 - 2013-02-04 10:17 - 00000000 ____D C:\Windows\Minidump
2013-07-14 15:34 - 2013-06-23 23:01 - 00000000 ____D C:\Program Files\DivX
2013-07-14 15:34 - 2013-06-23 22:59 - 00000000 ____D C:\ProgramData\DivX
2013-07-14 15:31 - 2013-06-11 16:50 - 00000000 ____D C:\Program Files (x86)\«öÁäºëÆF
2013-07-14 15:31 - 2013-02-20 09:07 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-07-14 15:31 - 2013-02-03 19:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-14 15:30 - 2013-02-24 17:15 - 00000000 ____D C:\Program Files (x86)\UltraISO
2013-07-14 15:30 - 2013-02-03 17:31 - 00000000 ____D C:\Program Files (x86)\Fujitsu Siemens Computers
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:28 - 2013-06-05 21:40 - 00000000 ____D C:\Program Files\CCleaner
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:37 - 2013-06-10 21:13 - 00000000 ____D C:\Users\Krystel\Desktop\FlyFF
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 05:20 - 2013-02-03 17:49 - 00000000 ____D C:\Users\Krystel\Desktop\Trash
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 01:36 - 2013-06-26 22:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-07-14 00:31 - 2013-07-14 00:27 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 19:22 - 2013-02-03 17:50 - 00002058 _____ C:\Users\Krystel\Desktop\Google Chrome.lnk
2013-07-13 14:11 - 2013-02-03 17:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA
2013-07-13 14:11 - 2013-02-03 17:43 - 00003710 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core
2013-07-13 14:07 - 2013-07-13 14:06 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00662345 _____ C:\Users\Krystel\Downloads\AdwCleaner.exe
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 14:00 - 2006-11-02 17:21 - 00282952 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 13:54 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-11 23:45 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Spotify
2013-07-11 23:43 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Local\Spotify
2013-07-11 21:43 - 2008-01-21 13:10 - 00006972 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 21:43 - 2008-01-21 13:09 - 02640946 _____ C:\Windows\system32\perfh007.dat
2013-07-11 21:43 - 2008-01-21 13:09 - 00778750 _____ C:\Windows\system32\perfc007.dat
2013-07-11 21:21 - 2013-02-03 18:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:20 - 2009-01-26 12:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-11 21:10 - 2013-07-11 21:03 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-11 18:06 - 2013-07-07 05:19 - 00002284 _____ C:\zoek-results.log
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 23:00 - 2013-07-09 22:53 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:43 - 2013-07-09 18:42 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 23:26 - 2013-02-03 17:33 - 00000000 ____D C:\Users\Krystel\AppData\Local\VirtualStore
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:59 - 2013-07-01 15:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:43 - 2013-07-11 18:06 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-07 05:43 - 2013-02-03 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:19 - 2013-07-07 05:20 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:19 - 2013-07-07 05:19 - 01273625 _____ C:\Users\Krystel\Desktop\zoek.exe
2013-07-07 05:18 - 2013-07-07 05:12 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 18:14 - 2013-07-06 17:55 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:21 - 2013-07-04 16:20 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:47 - 2013-07-03 23:32 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:26 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\ShellNew
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:39 - 2013-07-02 13:38 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:15 - 2013-07-01 18:13 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:04 - 2013-07-01 18:02 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:57 - 2013-06-29 21:56 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:53 - 2013-06-29 20:48 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:21 - 2013-06-29 20:19 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:18 - 2013-06-29 20:17 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:14 - 2013-03-11 18:31 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-29 20:14 - 2013-03-11 18:31 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-28 19:24 - 2013-03-13 10:50 - 00000000 ____D C:\Users\Krystel\AppData\Local\Akamai
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 22:15 - 2013-06-26 21:57 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:15 - 2013-06-25 15:06 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:53 - 2013-06-24 14:37 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:07 - 2013-02-03 17:34 - 00066488 _____ C:\Users\Krystel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:34 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:34 - 2013-05-06 01:26 - 00000000 ____D C:\Users\Krystel\Desktop\LoLZeug
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:32 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:28 - 2013-06-23 22:25 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 23:38 - 2013-03-03 00:42 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar
2013-06-22 01:11 - 2013-06-11 17:59 - 00000000 ____D C:\Program Files (x86)\MacroGamer
2013-06-21 14:06 - 2013-07-11 21:16 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-11 21:16 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-01 18:18 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:06 - 2013-02-03 18:24 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-02-03 18:24 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 12:23 - 2013-02-03 18:26 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2009-01-26 11:37 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 08:10 - 2013-05-06 18:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\CorelHomeOffice
2013-06-20 21:55 - 2013-06-20 21:54 - 00367480 _____ C:\Users\Krystel\Downloads\KIZ-Spast [Lyrics].mp3.sfk
2013-06-19 16:11 - 2013-06-11 16:50 - 00054816 _____ (vrBrothers Corporation. ) C:\Windows\SysWOW64\qdisp.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-19 19:11

==================== End Of Log ============================
         

--- --- ---


Addition

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2013
Ran by Krystel at 2013-07-19 19:56:36
Running from C:\Users\Krystel\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe AIR (x32 Version: 3.6.0.5970)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader 9 - Deutsch (x32 Version: 9.0.0)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112)
Akamai NetSession Interface (HKCU)
AutoIt v3.3.8.1 (x32)
Avira Free Antivirus (x32 Version: 13.0.0.3882)
AviSynth 2.5 (x32)
Call of Duty: Modern Warfare 2 (x32)
Cheat Engine 6.2 (x32)
Cheat Engine 6.3 (x32)
Corel Home Office 5.0.36 (x32 Version: 5)
Counter-Strike: Source (x32)
Crossfire Europe (x32 Version: 1.144)
CyberGhost VPN
eaner (Version: 4.03)
ElsterFormular (x32 Version: 14.0.0.10960)
Energy Settings (x32 Version: 1.0.7)
EPSON Scan (x32)
EPSON SX110 Series Printer Uninstall
ffdshow v1.3.4513 [2013-05-25] (x32 Version: 1.3.4513.0)
Flyff (x32 Version: Flyff)
Fraps (remove only) (x32)
Garena *^¶¯Áp·ù¡]¥xÆW¡^ (x32 Version: 2013)
Google Chrome (HKCU Version: 28.0.1500.72)
Haali Media Splitter (x32)
ICQ 8.0 (build 5999, für aktuellen Benutzer) (HKCU Version: 8.0.5999.0)
League of Legends (x32 Version: 1.3)
LibUSB-Win32-0.1.10.1 (x32 Version: 0.1.10.1)
LOLReplay (x32 Version: 0.8.2.1)
MacroGamer 2.7.5 (x32)
Magic Bullet Suite 64-bit (Version: 11.4.1)
Magic Bullet Suite 64-bit (x32 Version: 11.4.1)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MotioninJoy ds3 driver version 0.5.0002 (Version: 0.5.0002)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFreeCodec (HKCU)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA Drivers
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
Preset Manager 2.0 (x32 Version: 2.0.114)
puush (x32 Version: 1.0.0.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Samsung New PC Studio (x32 Version: 1.00.0000)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
Snap.Do Engine (HKCU Version: 1.20.1.10742)
Spotify (HKCU Version: 0.9.1.53.g876fa9df)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
TeamSpeak 3 Client (Version: 3.0.10.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (x32 Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Vegas Pro 12.0 (64-bit) (Version: 12.0.486)
VLC media player 2.0.7 (Version: 2.0.7)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

14-07-2013 13:22:40 Removed Samsung S5230 Wallpaper Creator
14-07-2013 13:24:43 Removed Snap.Do
14-07-2013 13:25:25 Removed Snap.Do
14-07-2013 13:26:59 Removed Snap.Do
14-07-2013 13:28:51 Removed Snap.Do
14-07-2013 13:30:19 Removed SystemDiagnostics
14-07-2013 13:31:19 Entfernt Samsung PC Studio 3
14-07-2013 13:31:59 Removed Java 7 Update 25
15-07-2013 18:29:09 Geplanter Prüfpunkt
19-07-2013 05:42:49 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2945B9FE-084F-4D80-A934-63A2955DC6CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2009-12-02] (Microsoft Corporation)
Task: {4E946E6C-49EC-4FD9-8F58-EB5AF1752C5D} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {6247F354-2176-42D8-8164-C9DED3BA6D5B} - \BrowserDefendert No Task File
Task: {7A6AF429-D83D-431D-895C-CD0AFCE449A1} - \EPUpdater No Task File
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {91247250-F85D-44DB-9B90-01016972E43B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15] (Adobe Systems Incorporated)
Task: {95DF4C1A-829B-46E5-907C-5E08B4A22638} - System32\Tasks\Lyrics-Pal Update => C:\Program Files (x86)\LyricsPal\Lyrics.exe [2013-07-15] (LyricsPal Soft. LTD)
Task: {A07CFE55-69EC-4834-AE9A-41043ABF8D7C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {A9683382-0125-42BE-A29E-E39819CD3AF7} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {ABBE2436-F284-4244-B01A-9254C426B377} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA => C:\Users\Krystel\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.)
Task: {C4869DD2-1DBF-4050-BFC5-5397230DF37A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {ED10CB18-3543-4D61-BFD4-DA0A141D4416} - System32\Tasks\User_Feed_Synchronization-{0F134943-7C99-49C6-907B-5B3836641A3D} => C:\Windows\system32\msfeedssync.exe [2013-05-07] (Microsoft Corporation)
Task: {F66B428C-08CF-46CB-8BC5-8932BF29CF09} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core => C:\Users\Krystel\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.)
Task: {F7DF89E6-8DF2-42AB-9D4B-EF29A155641A} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2012-06-25] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core.job => C:\Users\Krystel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA.job => C:\Users\Krystel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics-Pal Update.job => C:\Program Files (x86)\LyricsPal\Lyrics.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2013 07:10:34 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung gmer_2.1.19163.exe, Version 2.1.19163.0, Zeitstempel 0x515d31f0, fehlerhaftes Modul gmer_2.1.19163.exe, Version 2.1.19163.0, Zeitstempel 0x515d31f0, Ausnahmecode 0xc0000005, Fehleroffset 0x0000218a,
Prozess-ID 0xa1c, Anwendungsstartzeit gmer_2.1.19163.exe0.

Error: (07/19/2013 07:05:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2013 02:48:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2013 02:40:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2013 06:50:04 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung rads_user_kernel.exe, Version 0.0.0.0, Zeitstempel 0x4e65c1ac, fehlerhaftes Modul rads_user_kernel.exe, Version 0.0.0.0, Zeitstempel 0x4e65c1ac, Ausnahmecode 0xc0000005, Fehleroffset 0x000b8554,
Prozess-ID 0x1464, Anwendungsstartzeit rads_user_kernel.exe0.

Error: (07/18/2013 06:49:59 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung rads_user_kernel.exe, Version 0.0.0.0, Zeitstempel 0x4e65c1ac, fehlerhaftes Modul rads_user_kernel.exe, Version 0.0.0.0, Zeitstempel 0x4e65c1ac, Ausnahmecode 0xc0000005, Fehleroffset 0x000b8554,
Prozess-ID 0xd1c, Anwendungsstartzeit rads_user_kernel.exe0.

Error: (07/18/2013 03:28:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 07:32:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 01:51:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 01:42:25 AM) (Source: Application Hang) (User: )
Description: Programm Neuz.exe, Version 3.8.22.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 808
Anfangszeit: 01ce827e142ddd35
Zeitpunkt der Beendigung: 82


System errors:
=============
Error: (07/19/2013 07:10:21 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/19/2013 07:10:17 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/19/2013 07:08:56 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/19/2013 07:08:10 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/19/2013 07:05:56 PM) (Source: Service Control Manager) (User: )
Description: StarOpen

Error: (07/19/2013 07:05:56 PM) (Source: Service Control Manager) (User: )
Description: LibUsb-Win32 - Daemon, Version 0.1.10.1%%2

Error: (07/19/2013 07:04:07 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/19/2013 02:48:26 PM) (Source: Service Control Manager) (User: )
Description: StarOpen

Error: (07/19/2013 02:48:26 PM) (Source: Service Control Manager) (User: )
Description: LibUsb-Win32 - Daemon, Version 0.1.10.1%%2

Error: (07/19/2013 02:46:36 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (07/19/2013 07:10:34 PM) (Source: Application Error)(User: )
Description: gmer_2.1.19163.exe2.1.19163.0515d31f0gmer_2.1.19163.exe2.1.19163.0515d31f0c00000050000218aa1c01ce84a254e5ab26

Error: (07/19/2013 07:05:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2013 02:48:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2013 02:40:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2013 06:50:04 PM) (Source: Application Error)(User: )
Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b8554146401ce83d6da05bfe4

Error: (07/18/2013 06:49:59 PM) (Source: Application Error)(User: )
Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b8554d1c01ce83d6d2ad98d7

Error: (07/18/2013 03:28:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 07:32:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 01:51:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2013 01:42:25 AM) (Source: Application Hang)(User: )
Description: Neuz.exe3.8.22.180801ce827e142ddd3582


CodeIntegrity Errors:
===================================
  Date: 2013-07-19 05:58:29.585
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:29.383
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:29.164
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:28.961
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:28.759
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:28.556
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:28.197
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:27.994
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:27.776
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-19 05:58:27.557
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 4094.32 MB
Available physical RAM: 2112.78 MB
Total Pagefile: 8361.94 MB
Available Pagefile: 6073.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:327.54 GB) (Free:154.31 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:592.25 GB) (Free:496.37 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: C347115F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=328 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=592 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

AdwCleaner löschen.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

ADW

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.305 - Datei am 19/07/2013 um 21:46:15 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : Krystel - KRYSTEL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Krystel\Desktop\AdwCleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\foxydeal.sqlite
Gelöscht mit Neustart : C:\Program Files (x86)\FoxyDeal
Gelöscht mit Neustart : C:\Program Files (x86)\LyricsPal

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\prefs.js

Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Gelöscht : user_pref("extensions.helperbar.Visibility", false);

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.2878] : urls_to_restore_on_startup = [ "hxxp://websearch.mocaflix.com/", "" ]

*************************

AdwCleaner[R1].txt - [2531 octets] - [02/07/2013 13:38:05]
AdwCleaner[R2].txt - [6753 octets] - [13/07/2013 14:06:29]
AdwCleaner[R3].txt - [2249 octets] - [15/07/2013 22:26:20]
AdwCleaner[R4].txt - [1915 octets] - [19/07/2013 14:44:34]
AdwCleaner[R5].txt - [2033 octets] - [19/07/2013 21:45:21]
AdwCleaner[S1].txt - [2455 octets] - [02/07/2013 13:38:43]
AdwCleaner[S2].txt - [6790 octets] - [13/07/2013 14:06:56]
AdwCleaner[S3].txt - [2424 octets] - [15/07/2013 22:27:45]
AdwCleaner[S4].txt - [1989 octets] - [19/07/2013 14:45:05]
AdwCleaner[S5].txt - [1978 octets] - [19/07/2013 21:46:15]

########## EOF - C:\AdwCleaner[S5].txt - [2038 octets] ##########
         

JRT

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows (TM) Vista Home Premium x64
Ran by Krystel on 19.07.2013 at 21:50:17,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\tasks\Lyrics-Pal Update.job
Successfully deleted: [File] C:\Windows\prefetch\LYRICS.EXE-4954B66E.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\lyricspal"



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{9309fa47-1b48-4768-afa4-9e0556f5dc81}
Successfully deleted the following from C:\Users\Krystel\AppData\Roaming\mozilla\firefox\profiles\8zu5s3ea.default\prefs.js

user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=nt&installDate=10/07
user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=db2f991b-106f-477d-a712-c771073b6e79&searchtype=ds&installDate=10/07/2013&q
Emptied folder: C:\Users\Krystel\AppData\Roaming\mozilla\firefox\profiles\8zu5s3ea.default\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.07.2013 at 21:56:52,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-07-2013
Ran by Krystel (administrator) on 19-07-2013 21:59:22
Running from C:\Users\Krystel\Desktop\board
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\puush\puush.exe
(Spotify Ltd) C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [152064 2008-07-03] (Microsoft Corporation)
HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-14] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-21] (Spotify Ltd)
HKCU\...\Run: [Google Update] - C:\Users\Krystel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-03] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
MountPoints2: {8d8777ce-87f9-11e2-83fb-00242150365f} - L:\Install.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NPSStartup] -  [x]
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{db2f991b-106f-477d-a712-c771073b6e79}
FF Extension: FoxyDeal - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: firebug - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: firefox - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firefox@mega.co.nz.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://websearch.mocaflix.com/", ""
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (YouTube) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (AdBlock) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (ProxMate - Improve your Internet!) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.8_0
CHR Extension: (Lyrics-Pal) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.122_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S1 StarOpen; No ImagePath
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-19 21:56 - 2013-07-19 21:56 - 00003026 _____ C:\Users\Krystel\Desktop\JRT.txt
2013-07-19 21:47 - 2013-07-19 21:47 - 00002107 _____ C:\Users\Krystel\Desktop\AdwCleaner[S5].txt
2013-07-19 21:46 - 2013-07-19 21:46 - 00002107 _____ C:\AdwCleaner[S5].txt
2013-07-19 21:45 - 2013-07-19 21:45 - 00002033 _____ C:\AdwCleaner[R5].txt
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:50 - 2013-07-19 21:58 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-15 22:27 - 2013-07-15 22:28 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 13:06 - 2013-07-15 22:29 - 00000848 _____ C:\Windows\PFRO.log
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 00:27 - 2013-07-14 00:31 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 14:06 - 2013-07-13 14:07 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 13:43 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 13:43 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 13:43 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 13:43 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 13:43 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 13:43 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-12 13:43 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 13:43 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 13:43 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 13:43 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 13:43 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 13:43 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-12 13:43 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:16 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-11 21:16 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-11 21:03 - 2013-07-11 21:10 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-11 18:12 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 18:12 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 18:11 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 18:11 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 18:11 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 18:11 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-11 18:11 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 18:06 - 2013-07-07 05:43 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 22:53 - 2013-07-09 23:00 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:42 - 2013-07-09 18:43 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 05:59 - 2013-07-19 21:48 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:47 - 2013-03-14 02:00 - 04722728 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2013-07-07 05:47 - 2005-01-02 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2013-07-07 05:47 - 2003-07-18 23:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:20 - 2013-07-07 05:19 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:19 - 2013-07-11 18:06 - 00002284 _____ C:\zoek-results.log
2013-07-07 05:19 - 2013-07-07 05:19 - 01273625 _____ C:\Users\Krystel\Desktop\zoek.exe
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:12 - 2013-07-07 05:18 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-07 00:14 - 2013-07-17 01:48 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-06 17:55 - 2013-07-06 18:14 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:20 - 2013-07-04 16:21 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:32 - 2013-07-03 23:47 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:38 - 2013-07-02 13:39 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:18 - 2013-06-21 14:06 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-07-01 18:18 - 2013-02-10 05:25 - 01807136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6420294.dll
2013-07-01 18:18 - 2013-02-10 05:25 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6420162.dll
2013-07-01 18:13 - 2013-07-01 18:15 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:02 - 2013-07-01 18:04 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:56 - 2013-06-29 21:57 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:48 - 2013-06-29 20:53 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:19 - 2013-06-29 20:21 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:17 - 2013-06-29 20:18 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-26 22:53 - 2013-07-14 01:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 21:57 - 2013-06-26 22:15 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:06 - 2013-06-25 15:15 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:37 - 2013-06-24 14:53 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 23:01 - 2013-07-14 15:34 - 00000000 ____D C:\Program Files\DivX
2013-06-23 22:59 - 2013-07-14 15:34 - 00000000 ____D C:\ProgramData\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:53 - 2013-05-27 15:07 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:33 - 2013-06-23 22:34 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:32 - 2013-06-23 22:33 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:25 - 2013-06-23 22:28 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar
2013-06-20 21:54 - 2013-06-20 21:55 - 00367480 _____ C:\Users\Krystel\Downloads\KIZ-Spast [Lyrics].mp3.sfk

==================== One Month Modified Files and Folders =======

2013-07-19 21:58 - 2013-07-19 18:50 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-19 21:57 - 2013-03-13 10:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-19 21:56 - 2013-07-19 21:56 - 00003026 _____ C:\Users\Krystel\Desktop\JRT.txt
2013-07-19 21:52 - 2013-02-03 17:27 - 01976326 _____ C:\Windows\WindowsUpdate.log
2013-07-19 21:48 - 2013-07-07 05:59 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-19 21:48 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-19 21:47 - 2013-07-19 21:47 - 00002107 _____ C:\Users\Krystel\Desktop\AdwCleaner[S5].txt
2013-07-19 21:47 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-19 21:47 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-19 21:47 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-19 21:46 - 2013-07-19 21:46 - 00002107 _____ C:\AdwCleaner[S5].txt
2013-07-19 21:46 - 2013-06-05 09:12 - 00001648 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 21:46 - 2006-11-02 17:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-19 21:45 - 2013-07-19 21:45 - 00002033 _____ C:\AdwCleaner[R5].txt
2013-07-19 21:16 - 2013-02-03 17:44 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA.job
2013-07-19 20:58 - 2013-02-14 07:02 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-19 20:58 - 2013-02-04 14:38 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\TS3Client
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:51 - 2013-02-03 17:32 - 00000000 ____D C:\Users\Krystel
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 16:14 - 2013-05-13 16:24 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\BoL
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-19 05:29 - 2013-05-07 19:18 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F134943-7C99-49C6-907B-5B3836641A3D}
2013-07-17 14:16 - 2013-02-03 17:43 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core.job
2013-07-17 01:48 - 2013-07-07 00:14 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-17 01:47 - 2013-03-03 18:46 - 00000000 ____D C:\Users\Krystel\Desktop\qmacro
2013-07-17 01:46 - 2013-02-03 18:27 - 00056320 _____ C:\Users\Krystel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-15 22:29 - 2013-07-15 13:06 - 00000848 _____ C:\Windows\PFRO.log
2013-07-15 22:28 - 2013-07-15 22:27 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 20:57 - 2013-02-03 18:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-15 13:11 - 2013-03-13 10:31 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-15 13:11 - 2013-03-13 10:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-15 13:11 - 2013-03-13 10:31 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 13:11 - 2013-02-14 06:55 - 00000000 ____D C:\Users\Krystel\AppData\Local\Adobe
2013-07-14 20:45 - 2013-06-15 21:26 - 00000000 ____D C:\Program Files (x86)\puush
2013-07-14 15:36 - 2013-02-04 10:17 - 00000000 ____D C:\Windows\Minidump
2013-07-14 15:34 - 2013-06-23 23:01 - 00000000 ____D C:\Program Files\DivX
2013-07-14 15:34 - 2013-06-23 22:59 - 00000000 ____D C:\ProgramData\DivX
2013-07-14 15:31 - 2013-06-11 16:50 - 00000000 ____D C:\Program Files (x86)\«öÁäºëÆF
2013-07-14 15:31 - 2013-02-20 09:07 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-07-14 15:31 - 2013-02-03 19:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-14 15:30 - 2013-02-24 17:15 - 00000000 ____D C:\Program Files (x86)\UltraISO
2013-07-14 15:30 - 2013-02-03 17:31 - 00000000 ____D C:\Program Files (x86)\Fujitsu Siemens Computers
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:28 - 2013-06-05 21:40 - 00000000 ____D C:\Program Files\CCleaner
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:37 - 2013-06-10 21:13 - 00000000 ____D C:\Users\Krystel\Desktop\FlyFF
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 05:20 - 2013-02-03 17:49 - 00000000 ____D C:\Users\Krystel\Desktop\Trash
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 01:36 - 2013-06-26 22:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-07-14 00:31 - 2013-07-14 00:27 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 19:22 - 2013-02-03 17:50 - 00002058 _____ C:\Users\Krystel\Desktop\Google Chrome.lnk
2013-07-13 14:11 - 2013-02-03 17:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA
2013-07-13 14:11 - 2013-02-03 17:43 - 00003710 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core
2013-07-13 14:07 - 2013-07-13 14:06 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 14:00 - 2006-11-02 17:21 - 00282952 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 13:54 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-11 23:45 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Spotify
2013-07-11 23:43 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Local\Spotify
2013-07-11 21:43 - 2008-01-21 13:10 - 00006972 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 21:43 - 2008-01-21 13:09 - 02640946 _____ C:\Windows\system32\perfh007.dat
2013-07-11 21:43 - 2008-01-21 13:09 - 00778750 _____ C:\Windows\system32\perfc007.dat
2013-07-11 21:21 - 2013-02-03 18:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:20 - 2009-01-26 12:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-11 21:10 - 2013-07-11 21:03 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-11 18:06 - 2013-07-07 05:19 - 00002284 _____ C:\zoek-results.log
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 23:00 - 2013-07-09 22:53 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:43 - 2013-07-09 18:42 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 23:26 - 2013-02-03 17:33 - 00000000 ____D C:\Users\Krystel\AppData\Local\VirtualStore
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:59 - 2013-07-01 15:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:43 - 2013-07-11 18:06 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-07 05:43 - 2013-02-03 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:19 - 2013-07-07 05:20 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:19 - 2013-07-07 05:19 - 01273625 _____ C:\Users\Krystel\Desktop\zoek.exe
2013-07-07 05:18 - 2013-07-07 05:12 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 18:14 - 2013-07-06 17:55 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:21 - 2013-07-04 16:20 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:47 - 2013-07-03 23:32 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:26 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\ShellNew
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:39 - 2013-07-02 13:38 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:15 - 2013-07-01 18:13 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:04 - 2013-07-01 18:02 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:57 - 2013-06-29 21:56 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:53 - 2013-06-29 20:48 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:21 - 2013-06-29 20:19 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:18 - 2013-06-29 20:17 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:14 - 2013-03-11 18:31 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-29 20:14 - 2013-03-11 18:31 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-28 19:24 - 2013-03-13 10:50 - 00000000 ____D C:\Users\Krystel\AppData\Local\Akamai
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 22:15 - 2013-06-26 21:57 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:15 - 2013-06-25 15:06 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:53 - 2013-06-24 14:37 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:07 - 2013-02-03 17:34 - 00066488 _____ C:\Users\Krystel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:34 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:34 - 2013-05-06 01:26 - 00000000 ____D C:\Users\Krystel\Desktop\LoLZeug
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:32 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:28 - 2013-06-23 22:25 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 23:38 - 2013-03-03 00:42 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar
2013-06-22 01:11 - 2013-06-11 17:59 - 00000000 ____D C:\Program Files (x86)\MacroGamer
2013-06-21 14:06 - 2013-07-11 21:16 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-11 21:16 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-01 18:18 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:06 - 2013-02-03 18:24 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-02-03 18:24 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 12:23 - 2013-02-03 18:26 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2009-01-26 11:37 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 08:10 - 2013-05-06 18:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\CorelHomeOffice
2013-06-20 21:55 - 2013-06-20 21:54 - 00367480 _____ C:\Users\Krystel\Downloads\KIZ-Spast [Lyrics].mp3.sfk
2013-06-19 16:11 - 2013-06-11 16:50 - 00054816 _____ (vrBrothers Corporation. ) C:\Windows\SysWOW64\qdisp.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-19 21:53

==================== End Of Log ============================
         

--- --- ---


mfg

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Der Eset Scan blieb seit 3 Stunden bei 34% hängen, ist das normal?
Ich werde ihn später nochmal neu starten.

Code: Alles auswählenAufklappen

ATTFilter

 Results of screen317's Security Check version 0.99.70  
 Windows Vista Service Pack 2 x64 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Adobe Flash Player 	11.8.800.94  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox (22.0) 
 Google Chrome 28.0.1500.71  
 Google Chrome 28.0.1500.72  
 Google Chrome Plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-07-2013
Ran by Krystel (administrator) on 20-07-2013 18:26:09
Running from C:\Users\Krystel\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\puush\puush.exe
(Spotify Ltd) C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.175\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.33\deploy\LolClient.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [152064 2008-07-03] (Microsoft Corporation)
HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-14] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-21] (Spotify Ltd)
HKCU\...\Run: [Google Update] - C:\Users\Krystel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-03] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
MountPoints2: {8d8777ce-87f9-11e2-83fb-00242150365f} - L:\Install.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NPSStartup] -  [x]
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{db2f991b-106f-477d-a712-c771073b6e79}
FF Extension: FoxyDeal - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: firebug - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: firefox - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firefox@mega.co.nz.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://websearch.mocaflix.com/", ""
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Krystel\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Users\Krystel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (ProxMate - Improve your Internet!) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.8_0
CHR Extension: (Gmail) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S1 StarOpen; No ImagePath
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-20 17:54 - 2013-07-20 17:54 - 00000177 _____ C:\zoek-results20.07.2013-1754.log
2013-07-20 15:56 - 2013-07-20 15:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-20 04:57 - 2013-07-20 04:57 - 00013027 _____ C:\Users\Krystel\Downloads\untargetable2.1.txt
2013-07-19 21:46 - 2013-07-19 21:46 - 00002107 _____ C:\AdwCleaner[S5].txt
2013-07-19 21:45 - 2013-07-19 21:45 - 00002033 _____ C:\AdwCleaner[R5].txt
2013-07-19 19:55 - 2013-07-19 19:55 - 01778207 _____ (Farbar) C:\Users\Krystel\Desktop\FRST64.exe
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:50 - 2013-07-20 18:25 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-15 22:27 - 2013-07-15 22:28 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 13:06 - 2013-07-15 22:29 - 00000848 _____ C:\Windows\PFRO.log
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 00:27 - 2013-07-14 00:31 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 14:06 - 2013-07-13 14:07 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 13:43 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 13:43 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 13:43 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 13:43 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 13:43 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 13:43 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-12 13:43 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 13:43 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 13:43 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 13:43 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 13:43 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 13:43 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-12 13:43 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:16 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-11 21:16 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-11 21:03 - 2013-07-11 21:10 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-11 18:12 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 18:12 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 18:11 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 18:11 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 18:11 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 18:11 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-11 18:11 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 18:06 - 2013-07-07 05:43 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 22:53 - 2013-07-09 23:00 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:42 - 2013-07-09 18:43 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 05:59 - 2013-07-20 15:52 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:47 - 2013-03-14 02:00 - 04722728 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2013-07-07 05:47 - 2005-01-02 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2013-07-07 05:47 - 2003-07-18 23:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:20 - 2013-07-07 05:19 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:19 - 2013-07-20 17:54 - 00001234 _____ C:\zoek-results.log
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:12 - 2013-07-07 05:18 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-07 00:14 - 2013-07-17 01:48 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-06 17:55 - 2013-07-06 18:14 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:20 - 2013-07-04 16:21 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:32 - 2013-07-03 23:47 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:38 - 2013-07-02 13:39 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:18 - 2013-06-21 14:06 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-07-01 18:18 - 2013-02-10 05:25 - 01807136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6420294.dll
2013-07-01 18:18 - 2013-02-10 05:25 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6420162.dll
2013-07-01 18:13 - 2013-07-01 18:15 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:02 - 2013-07-01 18:04 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:56 - 2013-06-29 21:57 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:48 - 2013-06-29 20:53 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:19 - 2013-06-29 20:21 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:17 - 2013-06-29 20:18 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-26 22:53 - 2013-07-14 01:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 21:57 - 2013-06-26 22:15 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:06 - 2013-06-25 15:15 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:37 - 2013-06-24 14:53 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 23:01 - 2013-07-14 15:34 - 00000000 ____D C:\Program Files\DivX
2013-06-23 22:59 - 2013-07-14 15:34 - 00000000 ____D C:\ProgramData\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:53 - 2013-05-27 15:07 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:33 - 2013-06-23 22:34 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:32 - 2013-06-23 22:33 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:25 - 2013-06-23 22:28 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar
2013-06-20 21:54 - 2013-06-20 21:55 - 00367480 _____ C:\Users\Krystel\Downloads\KIZ-Spast [Lyrics].mp3.sfk

==================== One Month Modified Files and Folders =======

2013-07-20 18:25 - 2013-07-19 18:50 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-20 18:19 - 2013-02-03 17:27 - 02004629 _____ C:\Windows\WindowsUpdate.log
2013-07-20 18:16 - 2013-02-03 17:44 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA.job
2013-07-20 17:57 - 2013-03-13 10:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-20 17:54 - 2013-07-20 17:54 - 00000177 _____ C:\zoek-results20.07.2013-1754.log
2013-07-20 17:54 - 2013-07-07 05:19 - 00001234 _____ C:\zoek-results.log
2013-07-20 17:52 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-20 17:52 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-20 15:56 - 2013-07-20 15:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-20 15:52 - 2013-07-07 05:59 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-20 15:52 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-20 15:52 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-20 12:33 - 2006-11-02 17:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-20 05:25 - 2013-05-13 16:24 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\BoL
2013-07-20 04:57 - 2013-07-20 04:57 - 00013027 _____ C:\Users\Krystel\Downloads\untargetable2.1.txt
2013-07-20 03:32 - 2013-05-07 19:18 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F134943-7C99-49C6-907B-5B3836641A3D}
2013-07-20 00:07 - 2013-02-04 14:38 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\TS3Client
2013-07-19 21:46 - 2013-07-19 21:46 - 00002107 _____ C:\AdwCleaner[S5].txt
2013-07-19 21:46 - 2013-06-05 09:12 - 00001648 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 21:45 - 2013-07-19 21:45 - 00002033 _____ C:\AdwCleaner[R5].txt
2013-07-19 20:58 - 2013-02-14 07:02 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-19 19:55 - 2013-07-19 19:55 - 01778207 _____ (Farbar) C:\Users\Krystel\Desktop\FRST64.exe
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:51 - 2013-02-03 17:32 - 00000000 ____D C:\Users\Krystel
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-17 14:16 - 2013-02-03 17:43 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core.job
2013-07-17 01:48 - 2013-07-07 00:14 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-17 01:47 - 2013-03-03 18:46 - 00000000 ____D C:\Users\Krystel\Desktop\qmacro
2013-07-17 01:46 - 2013-02-03 18:27 - 00056320 _____ C:\Users\Krystel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-15 22:29 - 2013-07-15 13:06 - 00000848 _____ C:\Windows\PFRO.log
2013-07-15 22:28 - 2013-07-15 22:27 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 20:57 - 2013-02-03 18:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-15 13:11 - 2013-03-13 10:31 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-15 13:11 - 2013-03-13 10:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-15 13:11 - 2013-03-13 10:31 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 13:11 - 2013-02-14 06:55 - 00000000 ____D C:\Users\Krystel\AppData\Local\Adobe
2013-07-14 20:45 - 2013-06-15 21:26 - 00000000 ____D C:\Program Files (x86)\puush
2013-07-14 15:36 - 2013-02-04 10:17 - 00000000 ____D C:\Windows\Minidump
2013-07-14 15:34 - 2013-06-23 23:01 - 00000000 ____D C:\Program Files\DivX
2013-07-14 15:34 - 2013-06-23 22:59 - 00000000 ____D C:\ProgramData\DivX
2013-07-14 15:31 - 2013-06-11 16:50 - 00000000 ____D C:\Program Files (x86)\«öÁäºëÆF
2013-07-14 15:31 - 2013-02-20 09:07 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-07-14 15:31 - 2013-02-03 19:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-14 15:30 - 2013-02-24 17:15 - 00000000 ____D C:\Program Files (x86)\UltraISO
2013-07-14 15:30 - 2013-02-03 17:31 - 00000000 ____D C:\Program Files (x86)\Fujitsu Siemens Computers
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:28 - 2013-06-05 21:40 - 00000000 ____D C:\Program Files\CCleaner
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:37 - 2013-06-10 21:13 - 00000000 ____D C:\Users\Krystel\Desktop\FlyFF
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 05:20 - 2013-02-03 17:49 - 00000000 ____D C:\Users\Krystel\Desktop\Trash
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 01:36 - 2013-06-26 22:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-07-14 00:31 - 2013-07-14 00:27 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 19:22 - 2013-02-03 17:50 - 00002058 _____ C:\Users\Krystel\Desktop\Google Chrome.lnk
2013-07-13 14:11 - 2013-02-03 17:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000UA
2013-07-13 14:11 - 2013-02-03 17:43 - 00003710 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3029538542-3273361527-2256941593-1000Core
2013-07-13 14:07 - 2013-07-13 14:06 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 14:00 - 2006-11-02 17:21 - 00282952 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 13:54 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-11 23:45 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Spotify
2013-07-11 23:43 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Local\Spotify
2013-07-11 21:43 - 2008-01-21 13:10 - 00006972 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 21:43 - 2008-01-21 13:09 - 02640946 _____ C:\Windows\system32\perfh007.dat
2013-07-11 21:43 - 2008-01-21 13:09 - 00778750 _____ C:\Windows\system32\perfc007.dat
2013-07-11 21:21 - 2013-02-03 18:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:20 - 2009-01-26 12:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-11 21:10 - 2013-07-11 21:03 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 23:00 - 2013-07-09 22:53 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:43 - 2013-07-09 18:42 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 23:26 - 2013-02-03 17:33 - 00000000 ____D C:\Users\Krystel\AppData\Local\VirtualStore
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:59 - 2013-07-01 15:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:43 - 2013-07-11 18:06 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-07 05:43 - 2013-02-03 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:19 - 2013-07-07 05:20 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:18 - 2013-07-07 05:12 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 18:14 - 2013-07-06 17:55 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:21 - 2013-07-04 16:20 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:47 - 2013-07-03 23:32 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:26 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\ShellNew
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:39 - 2013-07-02 13:38 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:15 - 2013-07-01 18:13 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:04 - 2013-07-01 18:02 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:57 - 2013-06-29 21:56 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:53 - 2013-06-29 20:48 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:21 - 2013-06-29 20:19 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:18 - 2013-06-29 20:17 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:14 - 2013-03-11 18:31 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-29 20:14 - 2013-03-11 18:31 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-28 19:24 - 2013-03-13 10:50 - 00000000 ____D C:\Users\Krystel\AppData\Local\Akamai
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 22:15 - 2013-06-26 21:57 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:15 - 2013-06-25 15:06 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:53 - 2013-06-24 14:37 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:07 - 2013-02-03 17:34 - 00066488 _____ C:\Users\Krystel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:34 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:34 - 2013-05-06 01:26 - 00000000 ____D C:\Users\Krystel\Desktop\LoLZeug
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:32 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:28 - 2013-06-23 22:25 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 23:38 - 2013-03-03 00:42 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar
2013-06-22 01:11 - 2013-06-11 17:59 - 00000000 ____D C:\Program Files (x86)\MacroGamer
2013-06-21 14:06 - 2013-07-11 21:16 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-11 21:16 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-01 18:18 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:06 - 2013-02-03 18:24 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-02-03 18:24 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 12:23 - 2013-02-03 18:26 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2009-01-26 11:37 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 08:10 - 2013-05-06 18:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\CorelHomeOffice
2013-06-20 21:55 - 2013-06-20 21:54 - 00367480 _____ C:\Users\Krystel\Downloads\KIZ-Spast [Lyrics].mp3.sfk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-20 15:58

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Zitat:

Zitat von schrauber

Noch Probleme?

Das LyricsPal Problem ist nicht mehr vorzufinden.
Das Problem mit den websearch.mocaflix Seiten ist leider immer noch vorhanden.

Nachdem ADW Scan waren sie auch für den ersten Moment nicht da, aber spätestens nach einem Neustart des Rechners, erscheinen sie leider wieder.



Dieses Problem hatte ich schon mal wie man hier ( http://www.trojaner-board.de/136177-...x-problem.html ) nachlesen kann.

Ich bin mir nicht sicher, ob ich mir das Zeug wieder neu eingefangen habe, oder ob das Problem früher noch gar nicht richtig entfernt worden ist.

Vilt. hilft dir das weiter.

In Chrome? Deinstalliere Chrome, behalte keine Daten, installier ihn neu.

Dann ein frisches FRST log. Noch Probleme?

Zitat:

Zitat von schrauber

In Chrome? Deinstalliere Chrome, behalte keine Daten, installier ihn neu.

Dann ein frisches FRST log. Noch Probleme?

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-07-2013
Ran by Krystel (administrator) on 21-07-2013 01:54:00
Running from C:\Users\Krystel\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\puush\puush.exe
(Spotify Ltd) C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehRec.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [152064 2008-07-03] (Microsoft Corporation)
HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-14] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-21] (Spotify Ltd)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
MountPoints2: {8d8777ce-87f9-11e2-83fb-00242150365f} - L:\Install.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NPSStartup] -  [x]
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{db2f991b-106f-477d-a712-c771073b6e79}
FF Extension: FoxyDeal - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: firebug - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: firefox - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firefox@mega.co.nz.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Docs) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S1 StarOpen; No ImagePath
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-21 01:53 - 2013-07-21 01:53 - 00002031 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-21 01:52 - 2013-07-21 01:52 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-21 01:52 - 2013-07-21 01:52 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-21 01:52 - 2013-07-21 01:52 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-21 01:52 - 2013-07-21 01:52 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-21 01:51 - 2013-07-21 01:51 - 00784888 _____ (Google Inc.) C:\Users\Krystel\Downloads\ChromeSetup.exe
2013-07-20 17:54 - 2013-07-20 17:54 - 00000177 _____ C:\zoek-results20.07.2013-1754.log
2013-07-20 15:56 - 2013-07-20 15:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-20 04:57 - 2013-07-20 04:57 - 00013027 _____ C:\Users\Krystel\Downloads\untargetable2.1.txt
2013-07-19 21:46 - 2013-07-19 21:46 - 00002107 _____ C:\AdwCleaner[S5].txt
2013-07-19 21:45 - 2013-07-19 21:45 - 00002033 _____ C:\AdwCleaner[R5].txt
2013-07-19 19:55 - 2013-07-19 19:55 - 01778207 _____ (Farbar) C:\Users\Krystel\Desktop\FRST64.exe
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:50 - 2013-07-21 01:53 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-15 22:27 - 2013-07-15 22:28 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 13:06 - 2013-07-21 01:47 - 00001864 _____ C:\Windows\PFRO.log
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 00:27 - 2013-07-14 00:31 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 14:06 - 2013-07-13 14:07 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 13:43 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 13:43 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 13:43 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 13:43 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 13:43 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 13:43 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-12 13:43 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 13:43 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 13:43 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 13:43 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 13:43 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 13:43 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-12 13:43 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:16 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-11 21:16 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-11 21:03 - 2013-07-11 21:10 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-11 18:12 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 18:12 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 18:11 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 18:11 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 18:11 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 18:11 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-11 18:11 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 18:06 - 2013-07-07 05:43 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 22:53 - 2013-07-09 23:00 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:42 - 2013-07-09 18:43 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 05:59 - 2013-07-21 01:48 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:47 - 2013-03-14 02:00 - 04722728 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2013-07-07 05:47 - 2005-01-02 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2013-07-07 05:47 - 2003-07-18 23:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:20 - 2013-07-07 05:19 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:19 - 2013-07-20 17:54 - 00001234 _____ C:\zoek-results.log
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:12 - 2013-07-07 05:18 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-07 00:14 - 2013-07-17 01:48 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-06 17:55 - 2013-07-06 18:14 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:20 - 2013-07-04 16:21 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:32 - 2013-07-03 23:47 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:38 - 2013-07-02 13:39 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:18 - 2013-06-21 14:06 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-07-01 18:18 - 2013-02-10 05:25 - 01807136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6420294.dll
2013-07-01 18:18 - 2013-02-10 05:25 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6420162.dll
2013-07-01 18:13 - 2013-07-01 18:15 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:02 - 2013-07-01 18:04 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:56 - 2013-06-29 21:57 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:48 - 2013-06-29 20:53 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:19 - 2013-06-29 20:21 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:17 - 2013-06-29 20:18 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-26 22:53 - 2013-07-14 01:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 21:57 - 2013-06-26 22:15 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:06 - 2013-06-25 15:15 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:37 - 2013-06-24 14:53 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 23:01 - 2013-07-14 15:34 - 00000000 ____D C:\Program Files\DivX
2013-06-23 22:59 - 2013-07-14 15:34 - 00000000 ____D C:\ProgramData\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:53 - 2013-05-27 15:07 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:33 - 2013-06-23 22:34 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:32 - 2013-06-23 22:33 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:25 - 2013-06-23 22:28 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar

==================== One Month Modified Files and Folders =======

2013-07-21 01:53 - 2013-07-21 01:53 - 00002031 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-21 01:53 - 2013-07-19 18:50 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-21 01:53 - 2013-02-03 17:34 - 00000000 ____D C:\Users\Krystel\AppData\Local\Google
2013-07-21 01:52 - 2013-07-21 01:52 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-21 01:52 - 2013-07-21 01:52 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-21 01:52 - 2013-07-21 01:52 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-21 01:52 - 2013-07-21 01:52 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-21 01:52 - 2013-02-03 17:31 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-21 01:52 - 2013-02-03 17:27 - 02030145 _____ C:\Windows\WindowsUpdate.log
2013-07-21 01:51 - 2013-07-21 01:51 - 00784888 _____ (Google Inc.) C:\Users\Krystel\Downloads\ChromeSetup.exe
2013-07-21 01:48 - 2013-07-07 05:59 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-21 01:48 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-21 01:48 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-21 01:48 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-21 01:48 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-21 01:47 - 2013-07-15 13:06 - 00001864 _____ C:\Windows\PFRO.log
2013-07-20 22:51 - 2006-11-02 17:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-20 21:57 - 2013-03-13 10:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-20 20:45 - 2013-02-04 14:38 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\TS3Client
2013-07-20 17:54 - 2013-07-20 17:54 - 00000177 _____ C:\zoek-results20.07.2013-1754.log
2013-07-20 17:54 - 2013-07-07 05:19 - 00001234 _____ C:\zoek-results.log
2013-07-20 15:56 - 2013-07-20 15:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-20 05:25 - 2013-05-13 16:24 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\BoL
2013-07-20 04:57 - 2013-07-20 04:57 - 00013027 _____ C:\Users\Krystel\Downloads\untargetable2.1.txt
2013-07-20 03:32 - 2013-05-07 19:18 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F134943-7C99-49C6-907B-5B3836641A3D}
2013-07-19 21:46 - 2013-07-19 21:46 - 00002107 _____ C:\AdwCleaner[S5].txt
2013-07-19 21:46 - 2013-06-05 09:12 - 00001648 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 21:45 - 2013-07-19 21:45 - 00002033 _____ C:\AdwCleaner[R5].txt
2013-07-19 20:58 - 2013-02-14 07:02 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-19 19:55 - 2013-07-19 19:55 - 01778207 _____ (Farbar) C:\Users\Krystel\Desktop\FRST64.exe
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:51 - 2013-02-03 17:32 - 00000000 ____D C:\Users\Krystel
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-17 01:48 - 2013-07-07 00:14 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-17 01:47 - 2013-03-03 18:46 - 00000000 ____D C:\Users\Krystel\Desktop\qmacro
2013-07-17 01:46 - 2013-02-03 18:27 - 00056320 _____ C:\Users\Krystel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-15 22:28 - 2013-07-15 22:27 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 20:57 - 2013-02-03 18:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-15 13:11 - 2013-03-13 10:31 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-15 13:11 - 2013-03-13 10:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-15 13:11 - 2013-03-13 10:31 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 13:11 - 2013-02-14 06:55 - 00000000 ____D C:\Users\Krystel\AppData\Local\Adobe
2013-07-14 20:45 - 2013-06-15 21:26 - 00000000 ____D C:\Program Files (x86)\puush
2013-07-14 15:36 - 2013-02-04 10:17 - 00000000 ____D C:\Windows\Minidump
2013-07-14 15:34 - 2013-06-23 23:01 - 00000000 ____D C:\Program Files\DivX
2013-07-14 15:34 - 2013-06-23 22:59 - 00000000 ____D C:\ProgramData\DivX
2013-07-14 15:31 - 2013-06-11 16:50 - 00000000 ____D C:\Program Files (x86)\«öÁäºëÆF
2013-07-14 15:31 - 2013-02-20 09:07 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-07-14 15:31 - 2013-02-03 19:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-14 15:30 - 2013-02-24 17:15 - 00000000 ____D C:\Program Files (x86)\UltraISO
2013-07-14 15:30 - 2013-02-03 17:31 - 00000000 ____D C:\Program Files (x86)\Fujitsu Siemens Computers
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:28 - 2013-06-05 21:40 - 00000000 ____D C:\Program Files\CCleaner
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:37 - 2013-06-10 21:13 - 00000000 ____D C:\Users\Krystel\Desktop\FlyFF
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 05:20 - 2013-02-03 17:49 - 00000000 ____D C:\Users\Krystel\Desktop\Trash
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 01:36 - 2013-06-26 22:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-07-14 00:31 - 2013-07-14 00:27 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 14:07 - 2013-07-13 14:06 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 14:00 - 2006-11-02 17:21 - 00282952 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 13:54 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-11 23:45 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Spotify
2013-07-11 23:43 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Local\Spotify
2013-07-11 21:43 - 2008-01-21 13:10 - 00006972 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 21:43 - 2008-01-21 13:09 - 02640946 _____ C:\Windows\system32\perfh007.dat
2013-07-11 21:43 - 2008-01-21 13:09 - 00778750 _____ C:\Windows\system32\perfc007.dat
2013-07-11 21:21 - 2013-02-03 18:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:20 - 2009-01-26 12:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-11 21:10 - 2013-07-11 21:03 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 23:00 - 2013-07-09 22:53 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:43 - 2013-07-09 18:42 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 23:26 - 2013-02-03 17:33 - 00000000 ____D C:\Users\Krystel\AppData\Local\VirtualStore
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:59 - 2013-07-01 15:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:43 - 2013-07-11 18:06 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-07 05:43 - 2013-02-03 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:19 - 2013-07-07 05:20 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:18 - 2013-07-07 05:12 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 18:14 - 2013-07-06 17:55 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:21 - 2013-07-04 16:20 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:47 - 2013-07-03 23:32 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:26 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\ShellNew
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:39 - 2013-07-02 13:38 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:15 - 2013-07-01 18:13 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:04 - 2013-07-01 18:02 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:57 - 2013-06-29 21:56 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:53 - 2013-06-29 20:48 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:21 - 2013-06-29 20:19 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:18 - 2013-06-29 20:17 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:14 - 2013-03-11 18:31 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-29 20:14 - 2013-03-11 18:31 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-28 19:24 - 2013-03-13 10:50 - 00000000 ____D C:\Users\Krystel\AppData\Local\Akamai
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 22:15 - 2013-06-26 21:57 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:15 - 2013-06-25 15:06 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:53 - 2013-06-24 14:37 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:07 - 2013-02-03 17:34 - 00066488 _____ C:\Users\Krystel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:34 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:34 - 2013-05-06 01:26 - 00000000 ____D C:\Users\Krystel\Desktop\LoLZeug
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:32 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:28 - 2013-06-23 22:25 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 23:38 - 2013-03-03 00:42 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar
2013-06-22 01:11 - 2013-06-11 17:59 - 00000000 ____D C:\Program Files (x86)\MacroGamer
2013-06-21 14:06 - 2013-07-11 21:16 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-11 21:16 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-01 18:18 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:06 - 2013-02-03 18:24 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-02-03 18:24 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 12:23 - 2013-02-03 18:26 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2009-01-26 11:37 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 08:10 - 2013-05-06 18:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\CorelHomeOffice

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-21 01:54

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

--- --- ---


Leider tauchen die Seiten nach paar Stunden wieder auf.
Simple Säuberungen des Browsers hilft hier irgendwie nicht weiter.

Für's Erste verschwinden sie wenn man mit ADWCleaner oder ähnlichen Programmen versucht dagegen vorzugehen, aber tauchen nach einigen Stunden wieder auf, da kann man wohl so oft mit ADWCleaner oder anderen Programmen drüber wie man möchte : (

Der Log oben ist direkt nach der kompletten neuinstallierung von Chrome entstanden und zeigt daher wohl auch keine Problem mehr an.
Aber wie schon gesagt, sobald man den Browser für wenige Stunden benutzt, entsteht das Problem wieder.

Hier mal ein Log ein paar Stunden nach der neuinstallierung von Chrome.


FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-07-2013
Ran by Krystel (administrator) on 21-07-2013 04:08:58
Running from C:\Users\Krystel\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\puush\puush.exe
(Spotify Ltd) C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Akamai Technologies, Inc.) C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.175\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.33\deploy\LolClient.exe
() C:\Users\Krystel\Desktop\LoLZeug\BoL\BoL Studio.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Krystel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [152064 2008-07-03] (Microsoft Corporation)
HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-14] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Krystel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-21] (Spotify Ltd)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
MountPoints2: {8d8777ce-87f9-11e2-83fb-00242150365f} - L:\Install.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NPSStartup] -  [x]
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{db2f991b-106f-477d-a712-c771073b6e79}
FF Extension: FoxyDeal - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: firebug - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: firefox - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\firefox@mega.co.nz.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://websearch.mocaflix.com/", ""
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (ProxMate - Improve your Internet!) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.8_0
CHR Extension: (Gmail) - C:\Users\Krystel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S1 StarOpen; No ImagePath
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-21 01:54 - 2013-05-02 02:06 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-07-21 01:53 - 2013-07-21 01:53 - 00002031 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-21 01:52 - 2013-07-21 03:57 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-21 01:52 - 2013-07-21 01:57 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-21 01:52 - 2013-07-21 01:52 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-21 01:52 - 2013-07-21 01:52 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-21 01:51 - 2013-07-21 01:51 - 00784888 _____ (Google Inc.) C:\Users\Krystel\Downloads\ChromeSetup.exe
2013-07-20 17:54 - 2013-07-20 17:54 - 00000177 _____ C:\zoek-results20.07.2013-1754.log
2013-07-20 15:56 - 2013-07-20 15:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-20 04:57 - 2013-07-20 04:57 - 00013027 _____ C:\Users\Krystel\Downloads\untargetable2.1.txt
2013-07-19 21:46 - 2013-07-19 21:46 - 00002107 _____ C:\AdwCleaner[S5].txt
2013-07-19 21:45 - 2013-07-19 21:45 - 00002033 _____ C:\AdwCleaner[R5].txt
2013-07-19 19:55 - 2013-07-19 19:55 - 01778207 _____ (Farbar) C:\Users\Krystel\Desktop\FRST64.exe
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:50 - 2013-07-21 04:08 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-15 22:27 - 2013-07-15 22:28 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 13:06 - 2013-07-21 01:47 - 00001864 _____ C:\Windows\PFRO.log
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 00:27 - 2013-07-14 00:31 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 14:06 - 2013-07-13 14:07 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 13:43 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 13:43 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 13:43 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 13:43 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 13:43 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 13:43 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-12 13:43 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-12 13:43 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 13:43 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 13:43 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 13:43 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 13:43 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-12 13:43 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 13:43 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 13:43 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-12 13:43 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 13:43 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-12 13:43 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 13:43 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 13:43 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 13:43 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-12 13:43 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:16 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-11 21:16 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-11 21:16 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-11 21:15 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-11 21:03 - 2013-07-11 21:10 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-11 18:12 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 18:12 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 18:11 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 18:11 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 18:11 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 18:11 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-11 18:11 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-11 18:11 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 18:11 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-11 18:11 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-11 18:11 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-11 18:11 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-11 18:11 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 18:06 - 2013-07-07 05:43 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 22:53 - 2013-07-09 23:00 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:42 - 2013-07-09 18:43 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 05:59 - 2013-07-21 01:48 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:47 - 2013-03-14 02:00 - 04722728 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2013-07-07 05:47 - 2005-01-02 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2013-07-07 05:47 - 2003-07-18 23:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:20 - 2013-07-07 05:19 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:19 - 2013-07-20 17:54 - 00001234 _____ C:\zoek-results.log
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:12 - 2013-07-07 05:18 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-07 00:14 - 2013-07-17 01:48 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-06 17:55 - 2013-07-06 18:14 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:20 - 2013-07-04 16:21 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:32 - 2013-07-03 23:47 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:38 - 2013-07-02 13:39 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:18 - 2013-06-21 14:06 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-07-01 18:18 - 2013-02-10 05:25 - 01807136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6420294.dll
2013-07-01 18:18 - 2013-02-10 05:25 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6420162.dll
2013-07-01 18:13 - 2013-07-01 18:15 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:02 - 2013-07-01 18:04 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:56 - 2013-06-29 21:57 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:48 - 2013-06-29 20:53 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:19 - 2013-06-29 20:21 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:17 - 2013-06-29 20:18 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-26 22:53 - 2013-07-14 01:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 21:57 - 2013-06-26 22:15 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:06 - 2013-06-25 15:15 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:37 - 2013-06-24 14:53 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 23:01 - 2013-07-14 15:34 - 00000000 ____D C:\Program Files\DivX
2013-06-23 22:59 - 2013-07-14 15:34 - 00000000 ____D C:\ProgramData\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:53 - 2013-05-27 15:07 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:33 - 2013-06-23 22:34 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:32 - 2013-06-23 22:33 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:25 - 2013-06-23 22:28 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar

==================== One Month Modified Files and Folders =======

2013-07-21 04:08 - 2013-07-19 18:50 - 00000000 ____D C:\Users\Krystel\Desktop\board
2013-07-21 03:57 - 2013-07-21 01:52 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-21 03:57 - 2013-03-13 10:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-21 03:48 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-21 03:48 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-21 03:32 - 2013-02-04 14:38 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\TS3Client
2013-07-21 03:26 - 2013-02-03 17:27 - 02042701 _____ C:\Windows\WindowsUpdate.log
2013-07-21 02:01 - 2013-05-13 16:24 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\BoL
2013-07-21 01:57 - 2013-07-21 01:52 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-21 01:53 - 2013-07-21 01:53 - 00002031 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-21 01:53 - 2013-02-03 17:34 - 00000000 ____D C:\Users\Krystel\AppData\Local\Google
2013-07-21 01:52 - 2013-07-21 01:52 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-21 01:52 - 2013-07-21 01:52 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-21 01:52 - 2013-02-03 17:31 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-21 01:51 - 2013-07-21 01:51 - 00784888 _____ (Google Inc.) C:\Users\Krystel\Downloads\ChromeSetup.exe
2013-07-21 01:48 - 2013-07-07 05:59 - 00000378 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-21 01:48 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-21 01:48 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-21 01:47 - 2013-07-15 13:06 - 00001864 _____ C:\Windows\PFRO.log
2013-07-20 22:51 - 2006-11-02 17:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-20 17:54 - 2013-07-20 17:54 - 00000177 _____ C:\zoek-results20.07.2013-1754.log
2013-07-20 17:54 - 2013-07-07 05:19 - 00001234 _____ C:\zoek-results.log
2013-07-20 15:56 - 2013-07-20 15:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-20 04:57 - 2013-07-20 04:57 - 00013027 _____ C:\Users\Krystel\Downloads\untargetable2.1.txt
2013-07-20 03:32 - 2013-05-07 19:18 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F134943-7C99-49C6-907B-5B3836641A3D}
2013-07-19 21:46 - 2013-07-19 21:46 - 00002107 _____ C:\AdwCleaner[S5].txt
2013-07-19 21:46 - 2013-06-05 09:12 - 00001648 _____ C:\Windows\DeleteOnReboot.bat
2013-07-19 21:45 - 2013-07-19 21:45 - 00002033 _____ C:\AdwCleaner[R5].txt
2013-07-19 20:58 - 2013-02-14 07:02 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-19 19:55 - 2013-07-19 19:55 - 01778207 _____ (Farbar) C:\Users\Krystel\Desktop\FRST64.exe
2013-07-19 19:55 - 2013-07-19 19:55 - 00000000 ____D C:\FRST
2013-07-19 19:38 - 2013-07-19 19:38 - 00000072 _____ C:\Users\Krystel\Desktop\Wichtig Motor lackieren Anleitung.txt
2013-07-19 18:51 - 2013-07-19 18:51 - 00000000 _____ C:\Users\Krystel\defogger_reenable
2013-07-19 18:51 - 2013-02-03 17:32 - 00000000 ____D C:\Users\Krystel
2013-07-19 17:35 - 2013-07-19 17:35 - 00001797 _____ C:\Users\Krystel\Desktop\old.txt
2013-07-19 14:45 - 2013-07-19 14:45 - 00001989 _____ C:\AdwCleaner[S4].txt
2013-07-19 14:44 - 2013-07-19 14:44 - 00001915 _____ C:\AdwCleaner[R4].txt
2013-07-17 01:48 - 2013-07-07 00:14 - 00000000 ____D C:\Users\Krystel\Desktop\alex
2013-07-17 01:47 - 2013-03-03 18:46 - 00000000 ____D C:\Users\Krystel\Desktop\qmacro
2013-07-17 01:46 - 2013-02-03 18:27 - 00056320 _____ C:\Users\Krystel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-15 22:28 - 2013-07-15 22:27 - 00002424 _____ C:\AdwCleaner[S3].txt
2013-07-15 22:26 - 2013-07-15 22:26 - 00002249 _____ C:\AdwCleaner[R3].txt
2013-07-15 20:57 - 2013-07-15 20:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\NVIDIA
2013-07-15 20:57 - 2013-02-03 18:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-15 13:11 - 2013-03-13 10:31 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-15 13:11 - 2013-03-13 10:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-15 13:11 - 2013-03-13 10:31 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 13:11 - 2013-02-14 06:55 - 00000000 ____D C:\Users\Krystel\AppData\Local\Adobe
2013-07-14 20:45 - 2013-06-15 21:26 - 00000000 ____D C:\Program Files (x86)\puush
2013-07-14 15:36 - 2013-02-04 10:17 - 00000000 ____D C:\Windows\Minidump
2013-07-14 15:34 - 2013-06-23 23:01 - 00000000 ____D C:\Program Files\DivX
2013-07-14 15:34 - 2013-06-23 22:59 - 00000000 ____D C:\ProgramData\DivX
2013-07-14 15:31 - 2013-06-11 16:50 - 00000000 ____D C:\Program Files (x86)\«öÁäºëÆF
2013-07-14 15:31 - 2013-02-20 09:07 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-07-14 15:31 - 2013-02-03 19:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-14 15:30 - 2013-02-24 17:15 - 00000000 ____D C:\Program Files (x86)\UltraISO
2013-07-14 15:30 - 2013-02-03 17:31 - 00000000 ____D C:\Program Files (x86)\Fujitsu Siemens Computers
2013-07-14 15:28 - 2013-07-14 15:28 - 00000776 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-14 15:28 - 2013-06-05 21:40 - 00000000 ____D C:\Program Files\CCleaner
2013-07-14 15:27 - 2013-07-14 15:27 - 04396440 _____ (Piriform Ltd) C:\Users\Krystel\Downloads\ccsetup403.exe
2013-07-14 05:57 - 2013-07-14 05:57 - 00000000 ____D C:\Users\Krystel\AppData\Local\master131
2013-07-14 05:55 - 2013-07-14 05:55 - 00417036 _____ C:\Users\Krystel\Downloads\hook.rar
2013-07-14 05:40 - 2013-07-14 05:40 - 00000000 ____D C:\Users\Krystel\AppData\Local\TrinityEntertainmentNetwo
2013-07-14 05:39 - 2013-07-14 05:39 - 00572128 _____ C:\Users\Krystel\Downloads\BlackDragonInjector.rar
2013-07-14 05:37 - 2013-06-10 21:13 - 00000000 ____D C:\Users\Krystel\Desktop\FlyFF
2013-07-14 05:20 - 2013-07-14 05:20 - 00374495 _____ C:\Users\Krystel\Downloads\FlyFF Infiltration Hack.zip
2013-07-14 05:20 - 2013-02-03 17:49 - 00000000 ____D C:\Users\Krystel\Desktop\Trash
2013-07-14 04:59 - 2013-07-14 04:59 - 02231481 _____ C:\Users\Krystel\Downloads\Twixtor for Vegas Pro 12.zip
2013-07-14 01:36 - 2013-06-26 22:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\vlc
2013-07-14 00:31 - 2013-07-14 00:27 - 00109904 _____ C:\Users\Krystel\Downloads\Afi-Prelude(Lyrics).mp3.sfk
2013-07-13 14:07 - 2013-07-13 14:06 - 00006790 _____ C:\AdwCleaner[S2].txt
2013-07-13 14:06 - 2013-07-13 14:06 - 00006753 _____ C:\AdwCleaner[R2].txt
2013-07-13 01:35 - 2013-07-13 01:35 - 00617312 _____ (www.download-sponsor.de) C:\Users\Krystel\Downloads\296.10__desktop_win7_winvista_64bit_universal_whql.exe
2013-07-12 14:00 - 2006-11-02 17:21 - 00282952 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-12 13:58 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 13:54 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-11 23:45 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Spotify
2013-07-11 23:43 - 2013-02-11 00:45 - 00000000 ____D C:\Users\Krystel\AppData\Local\Spotify
2013-07-11 21:43 - 2008-01-21 13:10 - 00006972 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 21:43 - 2008-01-21 13:09 - 02640946 _____ C:\Windows\system32\perfh007.dat
2013-07-11 21:43 - 2008-01-21 13:09 - 00778750 _____ C:\Windows\system32\perfc007.dat
2013-07-11 21:21 - 2013-02-03 18:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-11 21:20 - 2013-07-11 21:20 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-11 21:20 - 2009-01-26 12:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-11 21:10 - 2013-07-11 21:03 - 229594432 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-10 17:44 - 2013-07-10 17:44 - 00002294 _____ C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000930 _____ C:\Users\Krystel\Desktop\Cheat Engine.lnk
2013-07-10 17:26 - 2013-07-10 17:26 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2013-07-10 17:25 - 2013-07-10 17:25 - 07280088 _____ (Dark Byte                                                   ) C:\Users\Krystel\Downloads\CheatEngine62 (1).exe
2013-07-09 23:00 - 2013-07-09 22:53 - 00279464 _____ C:\Users\Krystel\Downloads\Margaret - Thank You Very Much.mp3.sfk
2013-07-09 18:43 - 2013-07-09 18:42 - 993908742 _____ C:\Users\Krystel\Downloads\Royal Revenge.rar
2013-07-09 16:57 - 2013-07-09 16:57 - 46185304 _____ C:\Users\Krystel\Downloads\Sexurlaub-EP_Klaus-Bukkake_MC-Baum_MekkroMye_www.meinrap.de-2.zip
2013-07-07 23:26 - 2013-02-03 17:33 - 00000000 ____D C:\Users\Krystel\AppData\Local\VirtualStore
2013-07-07 05:59 - 2013-07-07 05:59 - 00003030 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-07-07 05:59 - 2013-07-07 05:59 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-07 05:59 - 2013-07-01 15:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-07 05:58 - 2013-07-07 05:58 - 00158168 _____ () C:\Users\Krystel\Downloads\CheatEngine62.exe
2013-07-07 05:46 - 2013-07-07 05:46 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-07-07 05:43 - 2013-07-11 18:06 - 00038505 _____ C:\zoek-results07.07.2013-0543.log
2013-07-07 05:43 - 2013-02-03 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-07 05:41 - 2013-07-07 05:41 - 00001513 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\PiccShare
2013-07-07 05:41 - 2013-07-07 05:41 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Common
2013-07-07 05:36 - 2013-07-07 05:36 - 00000000 ____D C:\Program Files\gPotato.eu
2013-07-07 05:19 - 2013-07-07 05:20 - 00000396 _____ C:\zoek-results07.07.2013-0519.log
2013-07-07 05:18 - 2013-07-07 05:12 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-07 05:14 - 2013-07-07 05:14 - 00695128 _____ C:\Users\Krystel\Downloads\Flyff_DE.exe
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-07 05:13 - 2013-07-07 05:13 - 00000000 _____ C:\autoexec.bat
2013-07-07 05:10 - 2013-07-07 05:10 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Krystel\Downloads\SpyHunter-Installer.exe
2013-07-06 20:34 - 2013-07-06 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 18:14 - 2013-07-06 17:55 - 57125395 _____ C:\Users\Krystel\Downloads\persteasy_-_roughnecks_aufgepasst_ep.zip
2013-07-06 17:56 - 2013-07-06 17:56 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool (1).exe
2013-07-04 18:33 - 2013-07-04 18:33 - 01390098 _____ C:\Users\Krystel\Downloads\FTool Extended.zip
2013-07-04 18:32 - 2013-07-04 18:32 - 00593659 _____ C:\Users\Krystel\Downloads\Renewal-MSX (2).rar
2013-07-04 18:30 - 2013-07-04 18:30 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX (1).rar
2013-07-04 18:29 - 2013-07-04 18:29 - 00574243 _____ C:\Users\Krystel\Downloads\Renewal-MSX.rar
2013-07-04 16:26 - 2013-07-04 16:26 - 01424839 _____ C:\Users\Krystel\Downloads\FTool Extended.rar
2013-07-04 16:21 - 2013-07-04 16:20 - 00210432 _____ C:\Users\Krystel\Downloads\F-Tool.exe
2013-07-04 00:10 - 2013-07-04 00:10 - 00017586 _____ C:\Users\Krystel\Downloads\Flyff-Bot 2.0.rar
2013-07-03 23:48 - 2013-07-03 23:48 - 00993561 _____ C:\Users\Krystel\Downloads\FlyFF Bot By Incaner.rar
2013-07-03 23:47 - 2013-07-03 23:32 - 00000377 _____ C:\Users\Krystel\SciTE.session
2013-07-03 23:26 - 2013-07-03 23:26 - 07377952 _____ (AutoIt Team) C:\Users\Krystel\Downloads\autoit-v3-setup.exe
2013-07-03 23:26 - 2013-07-03 23:26 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2013-07-03 23:26 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\ShellNew
2013-07-03 23:14 - 2013-07-03 23:14 - 00707662 _____ C:\Users\Krystel\Downloads\FlyffBotXenox3.rar
2013-07-02 23:26 - 2013-07-02 23:26 - 00413462 _____ C:\Users\Krystel\Downloads\PublicFlyffBot.rar
2013-07-02 13:39 - 2013-07-02 13:38 - 00002455 _____ C:\AdwCleaner[S1].txt
2013-07-02 13:38 - 2013-07-02 13:38 - 00002531 _____ C:\AdwCleaner[R1].txt
2013-07-01 18:15 - 2013-07-01 18:13 - 178075832 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\314.07-desktop-win8-win7-winvista-64bit-english-whql.exe
2013-07-01 18:05 - 2013-07-01 18:05 - 00000000 ____D C:\NVIDIA
2013-07-01 18:04 - 2013-07-01 18:02 - 179164720 _____ (NVIDIA Corporation) C:\Users\Krystel\Downloads\320.49-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-07-01 15:27 - 2013-07-01 15:27 - 08062384 _____ (Cheat Engine                                                ) C:\Users\Krystel\Downloads\CheatEngine63.exe
2013-06-29 23:56 - 2013-06-29 23:56 - 08204850 _____ C:\Users\Krystel\Downloads\TwoWorlds.rar
2013-06-29 21:57 - 2013-06-29 21:56 - 00238856 _____ C:\Users\Krystel\Downloads\Thousand Foot Krutch - Phenomenon - 01 Phenomenon.mp3.sfk
2013-06-29 20:53 - 2013-06-29 20:48 - 01100656 _____ C:\Users\Krystel\Downloads\Epic Music Mix 4 (With Vocals).mp3.sfk
2013-06-29 20:21 - 2013-06-29 20:19 - 00083296 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4.sfk
2013-06-29 20:18 - 2013-06-29 20:17 - 21569004 _____ C:\Users\Krystel\Downloads\pulsestylez DUBSTEP MASSACRE #1 CSS Frag Clip.mp4
2013-06-29 20:14 - 2013-03-11 18:31 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-29 20:14 - 2013-03-11 18:31 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-29 20:12 - 2013-06-29 20:12 - 00903080 _____ (Oracle Corporation) C:\Users\Krystel\Downloads\chromeinstall-7u25.exe
2013-06-28 19:24 - 2013-03-13 10:50 - 00000000 ____D C:\Users\Krystel\AppData\Local\Akamai
2013-06-26 22:51 - 2013-06-26 22:51 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-26 22:50 - 2013-06-26 22:50 - 23229256 _____ C:\Users\Krystel\Downloads\vlc-2.0.7-win64.exe
2013-06-26 22:17 - 2013-06-26 22:17 - 00284648 _____ C:\Users\Krystel\Downloads\Joywave - Tongues (feat Kopps) (RAC Remix).mp3.sfk
2013-06-26 22:17 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony Creative Software Inc
2013-06-26 22:15 - 2013-06-26 21:57 - 00341776 _____ C:\Users\Krystel\Downloads\Chori Chori Video.mp3.sfk
2013-06-25 15:15 - 2013-06-25 15:06 - 681092659 _____ C:\Users\Krystel\Downloads\project-flyff.rar
2013-06-24 14:53 - 2013-06-24 14:37 - 972769591 _____ C:\Users\Krystel\Downloads\LightningGraveV3.7z
2013-06-23 23:07 - 2013-02-03 17:34 - 00066488 _____ C:\Users\Krystel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-23 23:06 - 2013-06-23 23:06 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\DivX
2013-06-23 22:59 - 2013-06-23 22:59 - 00957248 _____ (DivX, LLC) C:\Users\Krystel\Downloads\DivXInstaller.exe
2013-06-23 22:53 - 2013-06-23 22:53 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-06-23 22:52 - 2013-06-23 22:52 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid (1).exe
2013-06-23 22:36 - 2013-06-23 22:36 - 01361419 _____ C:\Users\Krystel\Downloads\MatroskaSplitter.exe
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-06-23 22:36 - 2013-06-23 22:36 - 00000000 ____D C:\Program Files (x86)\Haali
2013-06-23 22:35 - 2013-06-23 22:35 - 04730223 _____ (ffdshow                                                     ) C:\Users\Krystel\Downloads\ffdshow_rev4513_20130525_clsid.exe
2013-06-23 22:34 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\Desktop\idk
2013-06-23 22:34 - 2013-05-06 01:26 - 00000000 ____D C:\Users\Krystel\Desktop\LoLZeug
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:33 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-06-23 22:33 - 2013-06-23 22:32 - 41754896 _____ C:\Users\Krystel\Downloads\RipBot264v1.17.4 (1).7z
2013-06-23 22:28 - 2013-06-23 22:25 - 221698044 _____ C:\Users\Krystel\Downloads\Cani.rar
2013-06-23 15:59 - 2013-06-23 15:59 - 00163288 _____ () C:\Users\Krystel\Downloads\BeautifulESvonSchriftartenFontsde_downloader_by_SchriftartenFontsde.exe
2013-06-23 15:59 - 2013-06-23 15:59 - 00043113 _____ C:\Users\Krystel\Downloads\beautiful_es.zip
2013-06-23 15:20 - 2013-06-23 15:20 - 00243280 _____ C:\Users\Krystel\Downloads\AchtVier - Du und wer noch  (16BARSTV PREMIERE).mp3.sfk
2013-06-22 23:38 - 2013-03-03 00:42 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\Sony
2013-06-22 22:51 - 2013-06-22 22:51 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!! (1).rar
2013-06-22 22:47 - 2013-06-22 22:47 - 01924052 _____ C:\Users\Krystel\Downloads\aaleems 1.5k CC Pack!!!.rar
2013-06-22 01:11 - 2013-06-11 17:59 - 00000000 ____D C:\Program Files (x86)\MacroGamer
2013-06-21 14:06 - 2013-07-11 21:16 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-11 21:16 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:16 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-11 21:15 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-01 18:18 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-06-21 14:06 - 2013-02-03 18:24 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-02-03 18:24 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2009-01-26 11:37 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 12:23 - 2013-02-03 18:26 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2009-01-26 11:37 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2009-01-26 11:37 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 08:10 - 2013-05-06 18:53 - 00000000 ____D C:\Users\Krystel\AppData\Roaming\CorelHomeOffice

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-21 02:00

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://websearch.mocaflix.com/", ""
         

...und da ist das Problem dann auch wieder.

Bevor ich es vergesse.
Ich habe unter Systemsteuerung ein Programm das Snap.Do Engine heißt und es mir nicht möglich dieses zu löschen.
Gibt es da eine Möglichkeit dazu?

Du hast aber alle Daten von Chrome gelöscht, also nichts behalten angeklickt?

Mach bitte folgendes:

Chrome deinstallieren


Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)

• Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
• Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
  
  Code: Alles auswählenAufklappen

  ATTFilter

  :filefind
  *snap.do*
  *chrome*
  *websearch*
  :folderfind
  *snap.do*
  *chrome*
  *websearch*
  :regfind
  snap.do
  chrome
  websearch
           

• Klicke nun auf den Button Look, um den Scan zu starten.
• Der Suchlauf kann einige Zeit dauern.
• Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
• Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

Code: Alles auswählenAufklappen

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 06:08 on 22/07/2013 by Krystel
Administrator - Elevation successful

========== filefind ==========

Searching for "*snap.do*"
No files found.

Searching for "*chrome*"
C:\Fraps\Screenshots\chrome 2013-04-30 20-41-48-17.bmp	--a---- 5318466 bytes	[18:41 30/04/2013]	[18:41 30/04/2013] C5FFF160BB4B9ADE44B06307EAC9C552
C:\Fraps\Screenshots\chrome 2013-06-16 17-24-48-71.bmp	--a---- 4023666 bytes	[15:24 16/06/2013]	[15:24 16/06/2013] F5C82421061030C02AFED5E8FB3E6FFC
C:\Fraps\Screenshots\chrome 2013-06-16 17-24-53-82.bmp	--a---- 4023666 bytes	[15:24 16/06/2013]	[15:24 16/06/2013] F5C82421061030C02AFED5E8FB3E6FFC
C:\JRT\chrome.bat	--a---- 15542 bytes	[00:19 09/06/2013]	[21:31 21/04/2013] 892B8347BAF133646A19D3B90928AE86
C:\Program Files (x86)\LooksBuilder\Looks\Monochromatic\Blue Chrome.MBLook	--a---- 44525 bytes	[10:41 16/06/2011]	[10:41 16/06/2011] D569AC330EB3FCB7F5FB62C0FD3BC038
C:\Program Files (x86)\Mozilla Firefox\browser\chrome.manifest	--a---- 40 bytes	[18:34 06/07/2013]	[21:19 26/05/2013] F9B700918938FEC0A3730CE8D29D01B3
C:\Program Files (x86)\Steam\bin\chromehtml.dll	--a---- 1114536 bytes	[05:03 14/02/2013]	[22:06 06/06/2013] C5C8C2BB002BCD580CDF3AA61D9AB6BF
C:\Program Files (x86)\Steam\resource\layout\gamespage_grid_chrome.layout	--a---- 4050 bytes	[05:04 14/02/2013]	[20:43 16/03/2010] CCFFEC30C8B774ED70285B70E1BC9175
C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\chromehtml.dll	--a---- 876032 bytes	[16:15 29/06/2013]	[16:19 29/06/2013] 2BBD6ACBC6637740BDC5B92FF1999105
C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\cstrike\download\materials\sprites\store\trails\googlechrome.vmt	--a---- 125 bytes	[02:44 20/05/2013]	[02:44 20/05/2013] 340560E0BFA6D2A72DE2BF31413A14C6
C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\cstrike\download\materials\sprites\store\trails\googlechrome.vtf	--a---- 11144 bytes	[02:44 20/05/2013]	[02:44 20/05/2013] 5D821BF3D113F872911D784A76FE7C70
C:\Users\Krystel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSCH54ZI\chrome.min[1].css	--a---- 109022 bytes	[04:07 22/07/2013]	[04:07 22/07/2013] 54966FC3F2CB13D0E335C672F2415848
C:\Users\Krystel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSCH54ZI\chrome_logo_2x[1].png	--a---- 3920 bytes	[04:07 22/07/2013]	[04:07 22/07/2013] 84EC0A4D89CB5E6D0A2C4A07C3114653
C:\Users\Krystel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYX0VQ48\chrome.min[1].js	--a---- 122333 bytes	[04:07 22/07/2013]	[04:07 22/07/2013] E5DEE7A77D6D45DAA71C07AED93C70ED
C:\Users\Krystel\AppData\Local\Temp\chrome_installer.log	--a---- 13421 bytes	[20:13 21/07/2013]	[04:08 22/07/2013] 482F871BD4E50F4B68B4A481A2767235
C:\Users\Krystel\AppData\Local\Temp\jrt\chrome.bat	--a---- 14973 bytes	[19:50 19/07/2013]	[18:53 17/07/2013] 603595734D290C73FA40EDA1ACADF265
C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\extensions\{db2f991b-106f-477d-a712-c771073b6e79}\chrome.manifest	--a---- 955 bytes	[15:43 10/07/2013]	[15:21 29/05/2013] EAB9B7573EAFBDDDD6641A07E39D4ADC
C:\Users\Krystel\Desktop\alex\chrome 2013-07-17 01-46-36-99.avi	--a---- 29638088 bytes	[23:46 16/07/2013]	[23:46 16/07/2013] 9DA3EC72E2AACC54EB643E00EECA59A0
C:\Users\Krystel\Desktop\alex\chrome 2013-07-17 01-46-36-99.avi.sfk	--a---- 18064 bytes	[23:47 16/07/2013]	[23:48 16/07/2013] D4A57E049821C67FE87B74019F943647
C:\Users\Krystel\Desktop\idk\Render Program\chromeinstall-7u21.exe	--a---- 903072 bytes	[20:29 23/06/2013]	[16:54 13/06/2013] ED3EA1B50F976DEB41BE6C62997BDF6E
C:\Users\Krystel\Downloads\chromeinstall-7u21.exe	--a---- 903072 bytes	[22:34 15/06/2013]	[22:34 15/06/2013] ED3EA1B50F976DEB41BE6C62997BDF6E
C:\Users\Krystel\Downloads\chromeinstall-7u25.exe	--a---- 903080 bytes	[18:12 29/06/2013]	[18:12 29/06/2013] 0748E29E764BAC0E7F9E2567D4CECF94
C:\Users\Krystel\Downloads\ChromeSetup.exe	--a---- 784888 bytes	[23:51 20/07/2013]	[23:51 20/07/2013] BEA0BCD3DFE020F5D75E7A65D11C77C1
C:\Windows\Installer\$PatchCache$\Managed\26DDC2EC4210AC63483DF9D4FCC5B59D\3.5.30729\Chrome_jar.3643236F_FC70_11D3_A536_0090278A1BB8	-ra---- 29500 bytes	[17:28 30/05/2008]	[17:28 30/05/2008] E4A1F93E2DCEC1FDFF473D429D20373D
C:\Windows\Installer\$PatchCache$\Managed\26DDC2EC4210AC63483DF9D4FCC5B59D\3.5.30729\Chrome_manifest.3643236F_FC70_11D3_A536_0090278A1BB8	-ra---- 1880 bytes	[12:00 29/05/2008]	[12:00 29/05/2008] 7ECCABD395D6116AC38152F395D68771
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome.manifest	--a---- 1762 bytes	[11:48 23/01/2009]	[11:48 23/01/2009] C85089B86D79730B9E6A2185EAA96A72
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome\chrome.jar	--a---- 10010 bytes	[13:40 18/03/2009]	[13:40 18/03/2009] 7B8018A8E2B62C35748420DE18F60661
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\Browsers\chrome.browser	--a---- 2107 bytes	[03:59 28/03/2012]	[03:59 28/03/2012] 8C54E6C4F9E0CC3274EA6D04AAE9436B
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\Browsers\chrome.browser	--a---- 2107 bytes	[01:59 28/03/2012]	[01:59 28/03/2012] 8C54E6C4F9E0CC3274EA6D04AAE9436B
C:\Windows\Prefetch\CHROME.EXE-AF029D6A.pf	--a---- 104544 bytes	[21:03 02/03/2013]	[23:49 20/07/2013] 28909621142EAED68924287DB86ED30E
C:\Windows\Prefetch\CHROME.EXE-D999B1BA.pf	--a---- 47622 bytes	[11:53 21/07/2013]	[04:07 22/07/2013] 4C9428B54D44DD18529465579EBF6159

Searching for "*websearch*"
No files found.

========== folderfind ==========

Searching for "*snap.do*"
No folders found.

Searching for "*chrome*"
C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\extensions\{db2f991b-106f-477d-a712-c771073b6e79}\chrome	d------	[14:45 12/07/2013]
C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}\chrome	d------	[03:59 07/07/2013]
C:\Users\Krystel\AppData\Roaming\Mozilla\Firefox\Profiles\8zu5s3ea.default\indexedDB\chrome	d------	[21:01 06/07/2013]
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome	d------	[23:14 04/02/2013]

Searching for "*websearch*"
No folders found.

========== regfind ==========

Searching for "snap.do"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{939d5956-f9bb-438a-9df7-a457f5a95992}]
"DisplayName"="Snap.Do Engine"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{939d5956-f9bb-438a-9df7-a457f5a95992}]
"DisplayName"="Snap.Do Engine"

Searching for "chrome"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\LyricsPal]
"ia"="IE,FF,Chrome"
[HKEY_CURRENT_USER\Software\GNU\ffdshow]
"whitelist"="3wPlayer.exe;ACDSee10.exe;ACDSee11.exe;ACDSee5.exe;ACDSee6.exe;ACDSee7.exe;ACDSee8.exe;ACDSee8Pro.exe;ACDSee9.exe;ACDSeePro2.exe;ACDSeePro25.exe;acdseepro3.exe;aegisub.exe;afreecaplayer.exe;afreecastudio.exe;AfterFX.exe;aim6.exe;ALLPlayer.exe;allradio.exe;AlltoaviV4.exe;ALShow.exe;ALSong.exe;AltDVB.exe;amcap.exe;amf_slv.exe;amvtransform.exe;Apollo DivX to DVD Creator.exe;Apollo3GPVideoConverter.exe;Ares.exe;AsfTools.exe;ass_help3r.exe;ASUSDVD.exe;Audition.exe;AutoGK.exe;autorun.exe;avant.exe;AVerTV.exe;Avi2Dvd.exe;avi2mpg.exe;avicodec.exe;avipreview.exe;aviutl.exe;avs2avi.exe;avs2yuv.exe;Badak.exe;BearShare.exe;BePipe.exe;bestplayer.exe;bestplayer1.0.exe;bestpl~1.exe;BitComet.exe;BlazeDVD.exe;BoonPlayer.exe;bplay.exe;bsplay.exe;bsplayer.exe;BTVD3DShell.exe;CamRecorder.exe;CamtasiaStudio.exe;carom.exe;CEC_MAIN.exe;christv.exe;chrome.exe;cinemaplayer.exe;CinergyDVR.exe;CodecInstaller.exe;ConvertXtoDvd.exe;coolpro2.exe;CorePlayer.exe;Crystal.exe;crystalfree.
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51D39520000CE9D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51D39520000CE9D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51E03646000CE9D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51E03646000CE9D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\1ca01de5_0]
@="{0.0.0.00000000}.{c85f5b3c-e760-4c13-aa4e-9cbd059e4007}|\Device\HarddiskVolume2\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6216e723_0]
@="{0.0.0.00000000}.{18447432-b43f-4b7b-abbd-af522e44cd58}|\Device\HarddiskVolume2\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\68ae22ab_0]
@="{0.0.0.00000000}.{18447432-b43f-4b7b-abbd-af522e44cd58}|\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f495b76d_0]
@="{0.0.0.00000000}.{c85f5b3c-e760-4c13-aa4e-9cbd059e4007}|\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentFileList]
"File0"="C:\Users\Krystel\Desktop\alex\chrome 2013-07-17 01-46-36-99.avi"
[HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentFileList]
"File1"="C:\Users\Krystel\Desktop\alex\chrome 2013-07-17 01-46-35-02.avi"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.13\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.1exe\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.7z\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inc\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithList]
"c"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lrf\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithList]
"b"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rar\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swf\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList]
"b"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithList]
"b"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PhotoPrintingWizard\EPSON SX110 Series (Kopie 1)]
"PrintCapabilites"="<?xml version="1.0"?>
<psf:PrintCapabilities xmlns:psf="hxxp://schemas.microsoft.com/windows/2003/08/printing/printschemaframework" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:epns200="hxxp://schema.epson.net/printschema/inkjet/v200" xmlns:psk="hxxp://schemas.microsoft.com/windows/2003/08/printing/printschemakeywords" xmlns:bpe="hxxp://www.adobe.com/schemas/2006/01/bpeschema" version="1"><psf:ParameterDef name="epns200:PageDevmodeSnapshot"><psf:Property name="psf:DataType"><psf:Value xsi:type="xsd:QName">xsd:string</psf:Value></psf:Property><psf:Property name="psf:UnitType"><psf:Value xsi:type="xsd:string">base64</psf:Value></psf:Property><psf:Property name="psf:DefaultValue"><psf:Value xsi:type="xsd:string">RQBQAFMATwBOACAAUwBYADEAMQAwACAAUwBlAHIAaQBlAHMAIAAoAEsAbwBwAGkAZQAgADEAKQAAAGUAcwAAAAEEEAXcABwDD5uABwE
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Piriform\CCleaner]
"MSG_WARNCHROMECACHE"="False"
[HKEY_CURRENT_USER\Software\TeamViewer\Version8]
"Buddy_QuickPresExclusions"="Neverwinter.exe chrome.exe devenv.exe mediamonkey.exe msnmsgr.exe opera.exe psr.exe super.exe wlmail.exe wlxphotogallery.exe"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u21.exe"="Java(TM) Platform SE binary"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u25.exe"="Java(TM) Platform SE binary"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u21.exe"="Java(TM) Platform SE binary"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u25.exe"="Java(TM) Platform SE binary"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\chrome.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B0BD1890CAD3A1E4D96E77A45D17EA40]
"26DDC2EC4210AC63483DF9D4FCC5B59D"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update]
"LastInstallerSuccessLaunchCmdLine"=""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe""
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\AppDataLow\Software\LyricsPal]
"ia"="IE,FF,Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\GNU\ffdshow]
"whitelist"="3wPlayer.exe;ACDSee10.exe;ACDSee11.exe;ACDSee5.exe;ACDSee6.exe;ACDSee7.exe;ACDSee8.exe;ACDSee8Pro.exe;ACDSee9.exe;ACDSeePro2.exe;ACDSeePro25.exe;acdseepro3.exe;aegisub.exe;afreecaplayer.exe;afreecastudio.exe;AfterFX.exe;aim6.exe;ALLPlayer.exe;allradio.exe;AlltoaviV4.exe;ALShow.exe;ALSong.exe;AltDVB.exe;amcap.exe;amf_slv.exe;amvtransform.exe;Apollo DivX to DVD Creator.exe;Apollo3GPVideoConverter.exe;Ares.exe;AsfTools.exe;ass_help3r.exe;ASUSDVD.exe;Audition.exe;AutoGK.exe;autorun.exe;avant.exe;AVerTV.exe;Avi2Dvd.exe;avi2mpg.exe;avicodec.exe;avipreview.exe;aviutl.exe;avs2avi.exe;avs2yuv.exe;Badak.exe;BearShare.exe;BePipe.exe;bestplayer.exe;bestplayer1.0.exe;bestpl~1.exe;BitComet.exe;BlazeDVD.exe;BoonPlayer.exe;bplay.exe;bsplay.exe;bsplayer.exe;BTVD3DShell.exe;CamRecorder.exe;CamtasiaStudio.exe;carom.exe;CEC_MAIN.exe;christv.exe;chrome.exe;cinemaplayer.exe;CinergyDVR.exe;CodecInstaller.exe;ConvertXtoDvd.exe;coolpro2.exe
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\DirectInput\CHROME.EXE51D39520000CE9D0]
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\DirectInput\CHROME.EXE51D39520000CE9D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\DirectInput\CHROME.EXE51E03646000CE9D0]
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\DirectInput\CHROME.EXE51E03646000CE9D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\1ca01de5_0]
@="{0.0.0.00000000}.{c85f5b3c-e760-4c13-aa4e-9cbd059e4007}|\Device\HarddiskVolume2\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6216e723_0]
@="{0.0.0.00000000}.{18447432-b43f-4b7b-abbd-af522e44cd58}|\Device\HarddiskVolume2\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\68ae22ab_0]
@="{0.0.0.00000000}.{18447432-b43f-4b7b-abbd-af522e44cd58}|\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f495b76d_0]
@="{0.0.0.00000000}.{c85f5b3c-e760-4c13-aa4e-9cbd059e4007}|\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\MediaPlayer\Player\RecentFileList]
"File0"="C:\Users\Krystel\Desktop\alex\chrome 2013-07-17 01-46-36-99.avi"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\MediaPlayer\Player\RecentFileList]
"File1"="C:\Users\Krystel\Desktop\alex\chrome 2013-07-17 01-46-35-02.avi"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.13\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.1exe\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.7z\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inc\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithList]
"c"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lrf\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithList]
"b"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rar\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swf\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList]
"b"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithList]
"b"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\PhotoPrintingWizard\EPSON SX110 Series (Kopie 1)]
"PrintCapabilites"="<?xml version="1.0"?>
<psf:PrintCapabilities xmlns:psf="hxxp://schemas.microsoft.com/windows/2003/08/printing/printschemaframework" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:epns200="hxxp://schema.epson.net/printschema/inkjet/v200" xmlns:psk="hxxp://schemas.microsoft.com/windows/2003/08/printing/printschemakeywords" xmlns:bpe="hxxp://www.adobe.com/schemas/2006/01/bpeschema" version="1"><psf:ParameterDef name="epns200:PageDevmodeSnapshot"><psf:Property name="psf:DataType"><psf:Value xsi:type="xsd:QName">xsd:string</psf:Value></psf:Property><psf:Property name="psf:UnitType"><psf:Value xsi:type="xsd:string">base64</psf:Value></psf:Property><psf:Property name="psf:DefaultValue"><psf:Value xsi:type="xsd:string">RQBQAFMATwBOACAAUwBYADEAMQAwACAAUwBlAHIAaQBlAHMAIAAoAEsAbwBwAGk
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Piriform\CCleaner]
"MSG_WARNCHROMECACHE"="False"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\TeamViewer\Version8]
"Buddy_QuickPresExclusions"="Neverwinter.exe chrome.exe devenv.exe mediamonkey.exe msnmsgr.exe opera.exe psr.exe super.exe wlmail.exe wlxphotogallery.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u21.exe"="Java(TM) Platform SE binary"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u25.exe"="Java(TM) Platform SE binary"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u21.exe"="Java(TM) Platform SE binary"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u25.exe"="Java(TM) Platform SE binary"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u21.exe"="Java(TM) Platform SE binary"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u25.exe"="Java(TM) Platform SE binary"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000_Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\AppData\Local\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000_Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u21.exe"="Java(TM) Platform SE binary"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000_Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Krystel\Downloads\chromeinstall-7u25.exe"="Java(TM) Platform SE binary"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000_Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Direct3D\MostRecentApplication]
"Name"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Google Chrome]
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
"Progid"="ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"Progid"="ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"Progid"="ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"Progid"="ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
"DisplayName"="Google Chrome"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
"UninstallString"=""C:\Users\Krystel\AppData\Local\Google\Chrome\Application\24.0.1312.57\Installer\setup.exe" --uninstall --multi-install --chrome --verbose-logging"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
"InstallLocation"="C:\Users\UpdatusUser\AppData\Local\Google\Chrome\Application"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
"DisplayIcon"="C:\Users\UpdatusUser\AppData\Local\Google\Chrome\Application\chrome.exe,0"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice]
"Progid"="ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"Progid"="ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"Progid"="ChromeHTML.WH4Z4YUIFPG32HKJS2UOICFTJY"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32]
@=""C:\Users\Krystel\AppData\Local\Google\Chrome\Application\24.0.1312.57\delegate_execute.exe""
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32]
"ServerExecutable"="C:\Users\UpdatusUser\AppData\Local\Google\Chrome\Application\24.0.1312.57\delegate_execute.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Classes\Wow6432Node\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32]
@=""C:\Users\Krystel\AppData\Local\Google\Chrome\Application\24.0.1312.57\delegate_execute.exe""
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001\Software\Classes\Wow6432Node\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32]
"ServerExecutable"="C:\Users\UpdatusUser\AppData\Local\Google\Chrome\Application\24.0.1312.57\delegate_execute.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32]
@=""C:\Users\Krystel\AppData\Local\Google\Chrome\Application\24.0.1312.57\delegate_execute.exe""
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32]
"ServerExecutable"="C:\Users\UpdatusUser\AppData\Local\Google\Chrome\Application\24.0.1312.57\delegate_execute.exe"
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001_Classes\Wow6432Node\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32]
@=""C:\Users\Krystel\AppData\Local\Google\Chrome\Application\24.0.1312.57\delegate_execute.exe""
[HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1001_Classes\Wow6432Node\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32]
"ServerExecutable"="C:\Users\UpdatusUser\AppData\Local\Google\Chrome\Application\24.0.1312.57\delegate_execute.exe"

Searching for "websearch"
No data found.

-= EOF =-
         

OTL laden wenn nicht vorhanden:

Fixen mit OTL

• Starte bitte die OTL.exe.
• Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code: Alles auswählenAufklappen

ATTFilter

:files
C:\Fraps\Screenshots\chrome
C:\Program Files (x86)\LooksBuilder
:reg
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{939d5956-f9bb-438a-9df7-a457f5a95992}]
[-HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{939d5956-f9bb-438a-9df7-a457f5a95992}]
:Commands
[emptytemp]
         

• Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
• Schließe bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
  ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
  Kopiere nun den Inhalt hier in Deinen Thread

Chrome wieder installieren.

Ich habe ein Problem.
Wenn ich den Fix einfüge und auf "Fix" drücke, lädt es nur für einen Moment und danach zeigt das Programm "Keine Rückmeldung" mehr an.

Zitat:

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.

Da ich das hier nicht getan habe, sollte ich den Fix 1:1 kopieren, oder nicht?

genau. Lass mal den Teil mit

:Commands

weg.

log

Zitat:

========== FILES ==========
File\Folder C:\Fraps\Screenshots\chrome not found.
File\Folder C:\Program Files (x86)\LooksBuilder not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{939d5956-f9bb-438a-9df7-a457f5a95992}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{939d5956-f9bb-438a-9df7-a457f5a95992}\ not found.
Registry key HKEY_USERS\S-1-5-21-3029538542-3273361527-2256941593-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{939d5956-f9bb-438a-9df7-a457f5a95992}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{939d5956-f9bb-438a-9df7-a457f5a95992}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 07222013_193235

Ich glaube da hilft echt nur noch den Rechner mal zu formatieren.