Pests of all kinds and how to fight them: Viruses or Trojans (Windows 7)
15.11.2013, 14:01 | #1 |
Viruses or Trojans

I have the problem that whenever I do something on the Internet, a window with advertising opens, and it tells me my computer is in danger. I also found threats with Malwarebytes and removed them. But it is still not fixed, and now I have also run FRST, and then this came up:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013 Ran by Paddy (administrator) on PADDY-PC on 15-11-2013 13:50:32 Running from C:\Users\Paddy\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe () C:\Users\Paddy\AppData\Local\Temp\OCS\Downloads\3fb4024f7caf3a01809ef819569822ba\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe () C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Akamai Technologies, Inc.) 
C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\system32\mfevtps.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) 
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1278064 2013-03-13] (McAfee, Inc.) HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-03] (NVIDIA Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [Aeria Ignite] - C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment) HKLM\...\Run: [Ocs_SM] - C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-11-11] (OCS) HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) 
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-05] () HKCU\...\Run: [Overwolf] - C:\Program Files\Overwolf\Overwolf.exe [35256 2013-10-23] (Overwolf) HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung) HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung) HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-11-15] (Google Inc.) HKCU\...\Winlogon: [Shell] explorer.exe <==== ATTENTION HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 MountPoints2: {ecdf1629-9089-11e1-82eb-806e6f6e6963} - F:\Start.exe AppInit_DLLs: c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll [ ] () BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== ProxyServer: localhost:8080 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8061B8F4A024CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.delta-search.com/?affID=121561&tt=190313_wo3&babsrc=HP_ss&mntrId=E8A590E6BA4ED462 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E8A590E6BA4ED462&affID=120695&tsp=4932 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms} URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) URLSearchHook: HKCU - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File URLSearchHook: HKCU - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File URLSearchHook: HKCU - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=sc&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196 SearchScopes: HKLM - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKCU - BrowserMngrDefaultScope {7863768C-0074-4B11-98DF-DA393E04CCD4} SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D4945313053 52&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&k=0 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKCU - {1F562031-5F86-46EF-A1D2-98607796E6B7} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - 
{483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {6356B883-415D-4F82-9643-99AF5C1FCE6B} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {65020ABE-AC86-40B3-BA30-3820AE7B74C2} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {6A52F208-563B-4165-AEB6-BB12B3524B8C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {71AEEF32-6DE9-4786-ADC5-DA4B44B7AFD9} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKCU - {871940BA-AE5A-4D6E-BD33-2EC2F0339F69} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {DEFFDD02-590A-4A0A-95E1-8F8ECEEACFC6} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2666723D76635F7472616E735F3831343026747970 653D686F727573&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&k=0 BHO: OKitSpace - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Paddy\AppData\Roaming\okitspace\IE\OkitSpace.dll () BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20120706161054.dll (McAfee, Inc.) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll () BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No File Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default FF Homepage: user_pref("browser.startup.homepage", ); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @mcafee.com/MVT - C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.) FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Paddy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Paddy\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\aed6677c-c927-4858-ba8c-7a232a32db49.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\badoo.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\BrowserDefender.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{0622CC76-C099-4CF2-83D2-FB3CA5749E96}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{0B91852B-50A2-49DA-B502-59A213B0F745}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{65EB0022-4F2F-4871-8717-6F344E5E7CEB}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{86522860-BD94-45C7-A318-7604BC80793A}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{A0ACA1A1-184F-4F0A-86A0-DB5B1088C2B8}.xml FF SearchPlugin: 
C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{DE0A6B44-B277-4D90-AB49-99E52589A06F}.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions FF Extension: OneClickDownloader - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js.orig FF Extension: DealPly Shopping - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\addon@dealplyshopping.com FF Extension: Amazon-Icon - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\amazon-icon@winload.de FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\staged FF Extension: PriceGong - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} FF Extension: Bitdefender QuickScan - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} FF Extension: pricepeep - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\pricepeep@getpricepeep.com.xpi FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore FF Extension: McAfee ScriptScan for Firefox - C:\Program Files\Common Files\McAfee\SystemCore FF 
HKLM\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox FF HKLM\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Paddy\AppData\Roaming\Helper FF Extension: Helper - C:\Users\Paddy\AppData\Roaming\Helper FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK Chrome: ======= CHR Extension: () - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx CHR HKLM\...\Chrome\Extension: [hifnddafpdkmjljallgdlkjiiieidmec] - C:\Users\Paddy\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Paddy\AppData\Local\Wajam\Chrome\wajam.crx CHR HKLM\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Paddy\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx ========================== Services (Whitelisted) ================= R2 AddonsHelper; C:\Users\Paddy\AppData\Local\Temp\OCS\Downloads\3fb4024f7caf3a01809ef819569822ba\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-11-11] () R2 FreemiumSystemStoreService; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe [7244800 2012-09-13] () S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation) R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; 
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 mcmscsvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McNASvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [203840 2013-02-19] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-02-19] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-02-19] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) 
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2013-10-23] (Overwolf Ltd) R2 SearchAnonymizer; C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-11-11] () S2 srvPlgProtect; C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe [90112 2013-11-13] () S2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [32768 2013-10-23] () R2 SystemStore; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [14848 2012-04-24] () S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x] ==================== Drivers (Whitelisted) ==================== S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-11-03] () S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-01] (Wondershare) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-02-19] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [146872 2012-04-20] (McAfee, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [64832 2012-09-14] (McAfee, Inc.) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133416 2013-02-19] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [235264 2013-02-19] (McAfee, Inc.) S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-02-19] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [363080 2013-02-19] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [565888 2013-02-19] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [92632 2013-02-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [210608 2013-02-19] (McAfee, Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] () R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.) 
R3 nusbhost; C:\Windows\System32\DRIVERS\nusbhst.sys [13824 2006-12-29] (SC) R3 NUSBHUB; C:\Windows\System32\DRIVERS\nusbhub.sys [35840 2006-12-29] (SC) R2 persg; C:\Windows\System32\DRIVERS\persg.sys [25176 2012-04-19] () S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI) S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation) S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation) S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-04-20] (RapidSolution Software AG) U3 mfeavfk01; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-15 13:50 - 2013-11-15 13:51 - 00025417 ____C C:\Users\Paddy\Desktop\FRST.txt 2013-11-15 13:50 - 2013-11-15 13:50 - 00000000 ___DC C:\FRST 2013-11-15 13:49 - 2013-11-15 13:49 - 01090529 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe 2013-11-15 12:04 - 2013-11-15 12:04 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Google 2013-11-15 11:38 - 2013-11-15 11:39 - 00000000 ___DC C:\ProgramData\Google 2013-11-14 23:45 - 2013-11-15 11:36 - 00000168 _____ C:\Windows\setupact.log 2013-11-14 23:45 - 2013-11-14 23:45 - 00000000 _____ C:\Windows\setuperr.log 2013-11-14 23:44 - 2013-11-14 23:44 - 00000768 _____ C:\Windows\PFRO.log 2013-11-14 13:14 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-14 13:14 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-14 13:14 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript9.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-14 13:14 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-14 13:14 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-14 03:56 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-14 03:56 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-14 03:56 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 03:56 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-14 03:56 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-14 03:56 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-14 03:56 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-14 03:56 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) 
C:\Windows\system32\gdi32.dll 2013-11-14 03:56 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-14 03:56 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-14 03:56 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-14 03:56 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-14 03:56 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-14 03:56 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-14 03:56 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-14 03:56 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-14 03:56 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-14 03:56 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-14 01:26 - 2013-11-14 01:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Vast Studios 2013-11-14 01:23 - 2013-11-14 01:23 - 00002210 _____ C:\Users\Public\Desktop\Spiel Nightfall Mysteries - Die Ashburg Verschwoerung.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00001907 _____ C:\Users\Public\Desktop\Spiel Atlantis Quest.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00001234 _____ C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightfall Mysteries - Die Ashburg Verschwoerung 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Program Files\Nightfall Mysteries - Die Ashburg Verschwoerung 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Program Files\Atlantis Quest 2013-11-14 01:19 - 2013-11-14 01:20 - 00000000 
___DC C:\Program Files\bfgclient 2013-11-13 13:13 - 2013-11-13 13:13 - 08405609 ____C C:\Users\Paddy\Desktop\Evanescence-My Immortal lyrics.mp4 2013-11-12 12:07 - 2013-11-12 12:07 - 00782336 _____ C:\Windows\system32\config\default.rhk 2013-11-12 12:07 - 2013-11-12 12:07 - 00024576 _____ C:\Windows\system32\config\security.rhk 2013-11-12 12:07 - 2013-11-12 12:07 - 00024576 _____ C:\Windows\system32\config\sam.rhk 2013-11-12 12:06 - 2013-11-12 12:07 - 43806720 _____ C:\Windows\system32\config\software.rhk 2013-11-12 12:03 - 2013-11-15 13:34 - 01311762 _____ C:\Windows\WindowsUpdate.log 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Samsung 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Samsung 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Paddy\Documents\samsung 2013-11-12 01:07 - 2013-11-12 01:08 - 00000000 ___DC C:\ProgramData\Samsung 2013-11-12 01:07 - 2013-11-12 01:08 - 00000000 ___DC C:\Program Files\Samsung 2013-11-12 01:07 - 2013-10-30 12:13 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll 2013-11-12 01:07 - 2013-10-30 12:06 - 00821824 _____ (Devguru Co., Ltd.) 
C:\Windows\system32\dgderapi.dll 2013-11-12 01:04 - 2013-11-12 01:04 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Downloaded Installations 2013-11-11 12:56 - 2013-11-11 12:56 - 00000442 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job 2013-11-11 12:46 - 2013-11-11 12:50 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Wise Registry Cleaner 2013-11-11 12:46 - 2013-11-11 12:46 - 00001456 _____ C:\Users\UpdatusUser\Desktop\Amazon.lnk 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Helper 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\DesktopIconForAmazon 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\ProgramData\DNSErrorHelper 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Program Files\Wise 2013-11-11 12:45 - 2013-11-11 12:45 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\OCS 2013-11-04 21:10 - 2013-11-04 21:10 - 00016384 ____C C:\Users\Paddy\Desktop\Laura.xls 2013-11-04 17:21 - 2013-11-04 17:21 - 00001678 ____C C:\Users\Paddy\Desktop\Shaiya-DE.lnk 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portal of Etain 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Overwolf 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Common Files\Overwolf 2013-11-04 17:08 - 2013-11-15 11:36 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Overwolf 2013-11-04 16:38 - 2013-11-04 16:45 - 00000000 ___DC C:\Program Files\Free Window Registry Repair 2013-11-04 16:38 - 2013-11-04 16:38 - 00001001 _____ C:\Users\UpdatusUser\Desktop\Free Window Registry Repair.lnk 2013-11-04 16:38 - 2013-11-04 16:38 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2013-11-03 21:02 - 2013-11-03 21:02 - 00016304 ____N C:\Windows\system32\apl003.sys 2013-11-03 21:02 - 2013-11-03 21:02 - 00013232 ____N C:\Windows\system32\apf003.sys 
2013-11-03 20:39 - 2013-11-03 20:39 - 00000000 ___DC C:\Program Files\Aeria Games 2013-10-31 00:16 - 2010-10-13 06:42 - 02369456 _____ (Codejock Software) C:\Windows\system32\Codejock.CommandBars.v13.4.2.ocx 2013-10-31 00:16 - 2010-06-01 14:45 - 01005088 _____ (Bennet-Tec Information Systems, Inc) C:\Windows\system32\TList8.ocx 2013-10-31 00:16 - 2008-01-29 07:57 - 00450560 _____ (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\system32\fldrvw90.ocx 2013-10-31 00:15 - 2010-08-20 21:53 - 00086016 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtSplitter.ocx 2013-10-31 00:15 - 2010-06-11 10:50 - 00089888 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtFrame.ocx 2013-10-31 00:15 - 2010-03-25 10:33 - 00171752 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtRTF2.ocx 2013-10-31 00:15 - 2009-10-13 00:02 - 00044736 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtSubclass.dll 2013-10-31 00:15 - 2009-10-13 00:01 - 00077504 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtScrollContainer.ocx 2013-10-31 00:14 - 2013-11-10 21:13 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\AllDup 2013-10-31 00:14 - 2013-10-31 00:16 - 00000000 ___DC C:\ProgramData\AllDup 2013-10-31 00:14 - 2013-10-31 00:16 - 00000000 ___DC C:\Program Files\AllDup 2013-10-30 12:24 - 2013-11-07 19:00 - 00000000 ___DC C:\Program Files\Flash Player Pro 2013-10-30 12:24 - 2013-10-30 12:24 - 00000000 ____D C:\Users\Paddy\Documents\Flash Player Pro 2013-10-30 12:07 - 2013-10-30 12:07 - 00330240 _____ ((주)마크애니) C:\Windows\MASetupCaller.dll 2013-10-30 12:07 - 2013-10-30 12:07 - 00090112 _____ ((주)마크애니) C:\Windows\MAMCityDownload.ocx 2013-10-30 12:07 - 2013-10-30 12:07 - 00030568 _____ () C:\Windows\MusiccityDownload.exe 2013-10-30 12:06 - 2013-10-30 12:06 - 00974848 _____ C:\Windows\system32\cis-2.4.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00569344 _____ ((c) MusicCity) C:\Windows\system32\muzdecode.ax 2013-10-30 12:06 - 2013-10-30 
12:06 - 00491520 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00352256 _____ (Sample Corporation) C:\Windows\system32\MSLUR71.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00258048 _____ ((c) PeeringPortal) C:\Windows\system32\muzoggsp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00245760 _____ (Teruten Inc.) C:\Windows\system32\MSCLib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00200704 _____ ( (c) MusicCity) C:\Windows\system32\muzwmts.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00172032 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.exe 2013-10-30 12:06 - 2013-10-30 12:06 - 00155648 _____ (Teruten Inc.) C:\Windows\system32\MSFLib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00143360 _____ C:\Windows\system32\3DAudio.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00135168 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzaf1.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00131072 _____ ((c) MusicCity) C:\Windows\system32\muzmpgsp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00122880 _____ ((c) MUSICCITY) C:\Windows\system32\muzeffect.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00118784 _____ ((주)마크애니) C:\Windows\system32\MaDRM.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00110592 _____ ((c) MusicCity) C:\Windows\system32\muzmp4sp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00081920 _____ C:\Windows\system32\issacapi_bs-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00065536 _____ C:\Windows\system32\issacapi_pe-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ C:\Windows\system32\issacapi_se-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek) C:\Windows\system32\MK_Lyric.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek Inc.) 
C:\Windows\system32\MTXSYNCICON.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00049152 _____ ((주) 마크애니) C:\Windows\system32\MaJGUILib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045320 _____ (MARKANY) C:\Windows\system32\MAMACExtract.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\system32\MaXMLProto.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\system32\MACXMLProto.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00040960 _____ (Telechips Inc.,) C:\Windows\system32\MTTELECHIP.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00024576 _____ ((주)마크애니) C:\Windows\system32\MASetupCleaner.exe 2013-10-23 21:42 - 2013-10-23 21:42 - 00000079 _____ C:\Windows\wininit.ini 2013-10-21 20:26 - 2013-11-02 00:13 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\IMVU 2013-10-21 20:26 - 2013-10-21 20:26 - 00001875 ____C C:\Users\Paddy\Desktop\IMVU.lnk 2013-10-21 20:26 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU 2013-10-21 20:26 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\IMVUClient 2013-10-21 19:06 - 2013-10-21 19:06 - 00000000 ____D C:\Users\Paddy\Documents\ProcAlyzer Dumps 2013-10-21 15:36 - 2013-10-21 15:36 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-10-21 15:36 - 2013-10-21 15:36 - 00000000 ___DC C:\ProgramData\Oracle 2013-10-21 15:36 - 2013-10-21 15:36 - 00000000 ___DC C:\Program Files\Java 2013-10-20 10:32 - 2013-10-20 10:32 - 00000000 ____D C:\Users\Paddy\Documents\Gothic3ForsakenGods 2013-10-20 01:04 - 2013-10-20 01:04 - 00000000 ___DC C:\ProgramData\Preventon 2013-10-20 01:00 - 2013-10-20 01:00 
- 00001160 _____ C:\Users\Public\Desktop\Gothic 2 Gold Spielen!.lnk 2013-10-20 00:55 - 2013-10-21 15:56 - 00000000 ___DC C:\Program Files\JoWood 2013-10-19 13:01 - 2013-10-22 19:07 - 00001866 _____ C:\Users\Public\Desktop\Gothic.lnk 2013-10-19 01:38 - 2013-10-31 20:17 - 00000000 ___DC C:\ProgramData\clp 2013-10-19 01:37 - 2013-11-04 16:50 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Fighters 2013-10-19 01:36 - 2013-10-19 01:36 - 00000000 ___DC C:\ProgramData\Common Toolkit Suite 2013-10-19 01:35 - 2013-11-04 16:50 - 00000000 ___DC C:\ProgramData\Fighters 2013-10-19 00:52 - 2013-10-23 16:29 - 00000000 ____D C:\Windows\865537E164904193A4B6669C62711852.TMP 2013-10-19 00:52 - 2013-10-19 00:52 - 00000000 ___DC C:\Program Files\Common Files\Wise Installation Wizard 2013-10-19 00:46 - 2013-10-19 00:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\net1-wfds 2013-10-19 00:46 - 2013-10-19 00:46 - 00000000 ___DC C:\Program Files\net1-wfds 2013-10-18 12:10 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-18 12:10 - 2013-07-03 05:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys 2013-10-18 12:10 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2013-10-18 12:10 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
==================== One Month Modified Files and Folders =======
2013-11-15 13:51 - 2013-11-15 13:50 - 00025417 ____C C:\Users\Paddy\Desktop\FRST.txt 2013-11-15 13:50 - 2013-11-15 13:50 - 00000000 ___DC C:\FRST 2013-11-15 13:49 - 2013-11-15 13:49 - 01090529 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe 2013-11-15 13:34 - 2013-11-12 12:03 - 01311762 _____ C:\Windows\WindowsUpdate.log 2013-11-15 12:07 - 2012-06-03 16:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\PMB Files 2013-11-15 12:05 - 2012-11-24 00:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Google 2013-11-15 12:04 - 
2013-11-15 12:04 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Google 2013-11-15 12:04 - 2012-12-01 12:57 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Adobe 2013-11-15 11:44 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-15 11:44 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-15 11:39 - 2013-11-15 11:38 - 00000000 ___DC C:\ProgramData\Google 2013-11-15 11:39 - 2013-02-21 16:45 - 00000000 ___DC C:\Program Files\Google 2013-11-15 11:38 - 2012-04-27 19:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-11-15 11:36 - 2013-11-14 23:45 - 00000168 _____ C:\Windows\setupact.log 2013-11-15 11:36 - 2013-11-04 17:08 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Overwolf 2013-11-15 11:36 - 2012-04-27 18:16 - 00000000 ___DC C:\ProgramData\NVIDIA 2013-11-14 23:45 - 2013-11-14 23:45 - 00000000 _____ C:\Windows\setuperr.log 2013-11-14 23:45 - 2012-04-27 18:55 - 00000000 ____D C:\Windows\Panther 2013-11-14 23:44 - 2013-11-14 23:44 - 00000768 _____ C:\Windows\PFRO.log 2013-11-14 23:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE 2013-11-14 13:16 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini 2013-11-14 13:14 - 2013-08-15 02:30 - 00000000 ____D C:\Windows\system32\MRT 2013-11-14 13:11 - 2012-05-02 10:03 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-14 01:26 - 2013-11-14 01:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Vast Studios 2013-11-14 01:25 - 2013-08-22 18:28 - 00000000 ___DC C:\BigFishCache 2013-11-14 01:23 - 2013-11-14 01:23 - 00002210 _____ C:\Users\Public\Desktop\Spiel Nightfall Mysteries - Die Ashburg Verschwoerung.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00001907 _____ C:\Users\Public\Desktop\Spiel Atlantis Quest.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00001234 _____ 
C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightfall Mysteries - Die Ashburg Verschwoerung 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Program Files\Nightfall Mysteries - Die Ashburg Verschwoerung 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Program Files\Atlantis Quest 2013-11-14 01:20 - 2013-11-14 01:19 - 00000000 ___DC C:\Program Files\bfgclient 2013-11-14 01:19 - 2013-08-22 18:30 - 00000000 ___DC C:\ProgramData\Big Fish 2013-11-13 13:13 - 2013-11-13 13:13 - 08405609 ____C C:\Users\Paddy\Desktop\Evanescence-My Immortal lyrics.mp4 2013-11-13 13:11 - 2012-04-27 18:13 - 00365334 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-12 12:07 - 2013-11-12 12:07 - 00782336 _____ C:\Windows\system32\config\default.rhk 2013-11-12 12:07 - 2013-11-12 12:07 - 00024576 _____ C:\Windows\system32\config\security.rhk 2013-11-12 12:07 - 2013-11-12 12:07 - 00024576 _____ C:\Windows\system32\config\sam.rhk 2013-11-12 12:07 - 2013-11-12 12:06 - 43806720 _____ C:\Windows\system32\config\software.rhk 2013-11-12 02:03 - 2012-07-09 13:38 - 00000000 ___DC C:\Users\Paddy\Desktop\Programme 2013-11-12 01:11 - 2013-09-11 16:48 - 00000000 ___DC C:\Users\Paddy\Desktop\Handy 2013-11-12 01:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Samsung 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Samsung 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Paddy\Documents\samsung 2013-11-12 01:08 - 2013-11-12 01:07 - 00000000 ___DC C:\ProgramData\Samsung 2013-11-12 01:08 - 2013-11-12 01:07 - 00000000 ___DC C:\Program 
Files\Samsung 2013-11-12 01:07 - 2012-04-27 19:45 - 00000000 __HDC C:\Program Files\InstallShield Installation Information 2013-11-12 01:04 - 2013-11-12 01:04 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Downloaded Installations 2013-11-11 12:56 - 2013-11-11 12:56 - 00000442 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job 2013-11-11 12:50 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Wise Registry Cleaner 2013-11-11 12:46 - 2013-11-11 12:46 - 00001456 _____ C:\Users\UpdatusUser\Desktop\Amazon.lnk 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Helper 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\DesktopIconForAmazon 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\ProgramData\DNSErrorHelper 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Program Files\Wise 2013-11-11 12:45 - 2013-11-11 12:45 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\OCS 2013-11-11 12:45 - 2013-03-21 00:07 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Opera 2013-11-11 12:27 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\McAfee 2013-11-10 21:13 - 2013-10-31 00:14 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\AllDup 2013-11-07 19:00 - 2013-10-30 12:24 - 00000000 ___DC C:\Program Files\Flash Player Pro 2013-11-07 18:59 - 2012-04-27 18:11 - 00001701 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-04 21:10 - 2013-11-04 21:10 - 00016384 ____C C:\Users\Paddy\Desktop\Laura.xls 2013-11-04 21:10 - 2013-09-21 20:00 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-04 20:56 - 2012-04-27 19:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-04 18:18 - 2013-08-28 17:13 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-437763861-1864287327-3057929401-1000UA.job 2013-11-04 18:18 - 2013-08-28 17:13 - 00000906 _____ 
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-437763861-1864287327-3057929401-1000Core.job 2013-11-04 17:21 - 2013-11-04 17:21 - 00001678 ____C C:\Users\Paddy\Desktop\Shaiya-DE.lnk 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portal of Etain 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Overwolf 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Common Files\Overwolf 2013-11-04 17:06 - 2013-01-10 13:09 - 00000000 ___DC C:\AeriaGames 2013-11-04 17:06 - 2012-05-26 20:59 - 00000000 _SHDC C:\AI_RecycleBin 2013-11-04 17:06 - 2012-05-04 20:55 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2013-11-04 16:50 - 2013-10-19 01:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Fighters 2013-11-04 16:50 - 2013-10-19 01:35 - 00000000 ___DC C:\ProgramData\Fighters 2013-11-04 16:46 - 2012-06-22 15:24 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Apps\2.0 2013-11-04 16:45 - 2013-11-04 16:38 - 00000000 ___DC C:\Program Files\Free Window Registry Repair 2013-11-04 16:38 - 2013-11-04 16:38 - 00001001 _____ C:\Users\UpdatusUser\Desktop\Free Window Registry Repair.lnk 2013-11-04 16:38 - 2013-11-04 16:38 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2013-11-04 15:37 - 2013-09-17 09:04 - 00000000 ___DC C:\Program Files\SoftwareUpdater 2013-11-04 15:31 - 2013-09-21 20:00 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-04 15:31 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-03 21:02 - 2013-11-03 21:02 - 00016304 ____N C:\Windows\system32\apl003.sys 2013-11-03 21:02 - 2013-11-03 21:02 - 00013232 ____N C:\Windows\system32\apf003.sys 2013-11-03 20:42 - 2012-08-04 22:51 - 00000000 ___HD C:\Windows\msdownld.tmp 2013-11-03 20:42 - 2012-05-17 15:40 - 00000000 ____D C:\Windows\system32\directx 2013-11-03 20:39 - 2013-11-03 20:39 - 00000000 ___DC C:\Program 
Files\Aeria Games 2013-11-02 14:27 - 2012-08-16 18:22 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Unity 2013-11-02 00:53 - 2012-04-28 16:59 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\vlc 2013-11-02 00:13 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\IMVU 2013-11-01 20:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\security 2013-11-01 00:37 - 2012-12-01 12:50 - 00000000 ___DC C:\ProgramData\CanonIJPLM 2013-10-31 21:51 - 2012-05-16 20:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-10-31 21:49 - 2012-05-04 20:43 - 00000000 ___DC C:\Users\Paddy\AppData\Local\RapidSolution 2013-10-31 21:36 - 2013-03-16 15:31 - 00000000 ___DC C:\Users\Paddy\Desktop\Musik 2013-10-31 21:36 - 2012-05-04 23:28 - 00000000 ____D C:\Users\Paddy\Documents\FFOutput 2013-10-31 20:17 - 2013-10-19 01:38 - 00000000 ___DC C:\ProgramData\clp 2013-10-31 02:26 - 2013-03-10 17:14 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Skype 2013-10-31 00:16 - 2013-10-31 00:14 - 00000000 ___DC C:\ProgramData\AllDup 2013-10-31 00:16 - 2013-10-31 00:14 - 00000000 ___DC C:\Program Files\AllDup 2013-10-30 12:24 - 2013-10-30 12:24 - 00000000 ____D C:\Users\Paddy\Documents\Flash Player Pro 2013-10-30 12:13 - 2013-11-12 01:07 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll 2013-10-30 12:07 - 2013-10-30 12:07 - 00330240 _____ ((주)마크애니) C:\Windows\MASetupCaller.dll 2013-10-30 12:07 - 2013-10-30 12:07 - 00090112 _____ ((주)마크애니) C:\Windows\MAMCityDownload.ocx 2013-10-30 12:07 - 2013-10-30 12:07 - 00030568 _____ () C:\Windows\MusiccityDownload.exe 2013-10-30 12:06 - 2013-11-12 01:07 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00974848 _____ C:\Windows\system32\cis-2.4.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00569344 _____ ((c) MusicCity) C:\Windows\system32\muzdecode.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00491520 _____ (Musiccity Co.Ltd.) 
C:\Windows\system32\muzapp.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00352256 _____ (Sample Corporation) C:\Windows\system32\MSLUR71.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00258048 _____ ((c) PeeringPortal) C:\Windows\system32\muzoggsp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00245760 _____ (Teruten Inc.) C:\Windows\system32\MSCLib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00200704 _____ ( (c) MusicCity) C:\Windows\system32\muzwmts.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00172032 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.exe 2013-10-30 12:06 - 2013-10-30 12:06 - 00155648 _____ (Teruten Inc.) C:\Windows\system32\MSFLib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00143360 _____ C:\Windows\system32\3DAudio.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00135168 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzaf1.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00131072 _____ ((c) MusicCity) C:\Windows\system32\muzmpgsp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00122880 _____ ((c) MUSICCITY) C:\Windows\system32\muzeffect.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00118784 _____ ((주)마크애니) C:\Windows\system32\MaDRM.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00110592 _____ ((c) MusicCity) C:\Windows\system32\muzmp4sp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00081920 _____ C:\Windows\system32\issacapi_bs-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00065536 _____ C:\Windows\system32\issacapi_pe-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ C:\Windows\system32\issacapi_se-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek) C:\Windows\system32\MK_Lyric.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek Inc.) 
C:\Windows\system32\MTXSYNCICON.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00049152 _____ ((주) 마크애니) C:\Windows\system32\MaJGUILib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045320 _____ (MARKANY) C:\Windows\system32\MAMACExtract.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\system32\MaXMLProto.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\system32\MACXMLProto.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00040960 _____ (Telechips Inc.,) C:\Windows\system32\MTTELECHIP.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00024576 _____ ((주)마크애니) C:\Windows\system32\MASetupCleaner.exe 2013-10-30 02:45 - 2013-02-23 22:28 - 00000000 ___DC C:\FFOutput 2013-10-30 01:49 - 2013-10-02 01:15 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\okitspace 2013-10-27 23:09 - 2013-03-10 15:14 - 00000000 ___DC C:\Users\Paddy\Desktop\Spiele 2013-10-23 21:43 - 2013-07-11 20:37 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy 2013-10-23 21:42 - 2013-10-23 21:42 - 00000079 _____ C:\Windows\wininit.ini 2013-10-23 16:29 - 2013-10-19 00:52 - 00000000 ____D C:\Windows\865537E164904193A4B6669C62711852.TMP 2013-10-22 19:07 - 2013-10-19 13:01 - 00001866 _____ C:\Users\Public\Desktop\Gothic.lnk 2013-10-21 20:26 - 2013-10-21 20:26 - 00001875 ____C C:\Users\Paddy\Desktop\IMVU.lnk 2013-10-21 20:26 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU 2013-10-21 20:26 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\IMVUClient 2013-10-21 19:06 - 2013-10-21 19:06 - 00000000 ____D C:\Users\Paddy\Documents\ProcAlyzer Dumps 2013-10-21 15:56 - 2013-10-20 00:55 - 00000000 ___DC C:\Program Files\JoWood 2013-10-21 15:36 - 2013-10-21 15:36 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00174504 _____ (Oracle 
Corporation) C:\Windows\system32\java.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-10-21 15:36 - 2013-10-21 15:36 - 00000000 ___DC C:\ProgramData\Oracle 2013-10-21 15:36 - 2013-10-21 15:36 - 00000000 ___DC C:\Program Files\Java 2013-10-20 10:32 - 2013-10-20 10:32 - 00000000 ____D C:\Users\Paddy\Documents\Gothic3ForsakenGods 2013-10-20 01:04 - 2013-10-20 01:04 - 00000000 ___DC C:\ProgramData\Preventon 2013-10-20 01:00 - 2013-10-20 01:00 - 00001160 _____ C:\Users\Public\Desktop\Gothic 2 Gold Spielen!.lnk 2013-10-19 02:36 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2013-10-19 01:36 - 2013-10-19 01:36 - 00000000 ___DC C:\ProgramData\Common Toolkit Suite 2013-10-19 01:14 - 2013-09-03 00:41 - 00001609 _____ C:\Users\Public\Desktop\Play League of Legends.lnk 2013-10-19 00:52 - 2013-10-19 00:52 - 00000000 ___DC C:\Program Files\Common Files\Wise Installation Wizard 2013-10-19 00:47 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\VirtualStore 2013-10-19 00:46 - 2013-10-19 00:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\net1-wfds 2013-10-19 00:46 - 2013-10-19 00:46 - 00000000 ___DC C:\Program Files\net1-wfds 2013-10-19 00:37 - 2012-06-22 15:24 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Deployment 2013-10-18 12:58 - 2009-07-14 09:57 - 00000000 ____D C:\Windows\ShellNew 2013-10-18 12:58 - 2009-07-14 09:56 - 00000000 ___DC C:\Program Files\Windows Journal 2013-10-18 12:58 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE 2013-10-18 12:58 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\de 2013-10-18 12:58 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\de-DE 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Windows Sidebar 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Windows Portable Devices 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Windows Photo Viewer 
2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Windows Defender 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\DVD Maker 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\twain_32 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\Offline Web Pages 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\addins 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RSD C:\Windows\Media 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RDC C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RDC C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RDC C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RDC C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ___DC C:\Program Files\Common Files\System 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ___DC C:\Program Files\Common Files\Services 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\TAPI 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\zh-TW 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\zh-HK 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\zh-CN 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\uk-UA 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\tr-TR 2013-10-18 12:58 - 
2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\th-TH 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sv-SE 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sr-Latn-CS 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sl-SI 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sk-SK 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ru-RU 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ro-RO 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ras 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pt-PT 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pt-BR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\nl-NL 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\nb-NO 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\lv-LV 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\lt-LT 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ko-KR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ja-JP 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\it-IT 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\icsxml 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ias 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\hu-HU 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\hr-HR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\he-IL 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\fr-FR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\fi-FI 2013-10-18 12:58 - 2009-07-14 03:37 - 
00000000 ____D C:\Windows\system32\et-EE 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\el-GR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\com 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\bg-BG 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ar-SA 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\L2Schemas 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\IME 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Cursors 2013-10-18 12:56 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-10-18 12:56 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\winrm 2013-10-18 12:56 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\WCN 2013-10-18 12:55 - 2012-05-02 10:05 - 00000000 ____D C:\Windows\system32\SPReview 2013-10-18 12:55 - 2012-05-02 10:04 - 00000000 ____D C:\Windows\system32\EventProviders 2013-10-18 12:55 - 2012-04-27 19:15 - 00000000 ____D C:\Windows\system32\Macromed 2013-10-18 12:55 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\slmgr 2013-10-18 12:55 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2013-10-18 12:55 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\restore 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\spp 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Speech 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\SMI 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NetworkList 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\MUI 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Msdtc 2013-10-18 12:55 - 2009-07-14 03:37 - 
00000000 ____D C:\Windows\system32\IME 2013-10-18 12:54 - 2013-10-15 21:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2013-10-18 12:54 - 2013-08-28 17:13 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook 2013-10-18 12:54 - 2013-06-24 17:25 - 00000000 ____D C:\Windows\de 2013-10-18 12:54 - 2013-06-20 12:31 - 00000000 ___DC C:\Users\Paddy\Desktop\Baphometsfluch 2 2013-10-18 12:54 - 2013-06-19 20:57 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\ScummVM 2013-10-18 12:54 - 2013-06-01 18:44 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2013-10-18 12:54 - 2013-05-17 23:39 - 00000000 ___DC C:\Users\Paddy\Desktop\Chat 2013-10-18 12:54 - 2013-05-12 15:23 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Die Polizei 2013 2013-10-18 12:54 - 2013-05-12 15:10 - 00000000 ____D C:\Users\Paddy\Documents\UK Truck Simulator 2013-10-18 12:54 - 2013-03-31 16:11 - 00000000 ____D C:\Users\Paddy\Documents\18 WoS Extreme Trucker 2013-10-18 12:54 - 2013-03-30 16:57 - 00000000 ____D C:\Users\Paddy\Documents\Dungeon Siege 2013-10-18 12:54 - 2013-02-24 20:56 - 00000000 ____D C:\Users\Paddy\Documents\Euro Truck Simulator 2 2013-10-18 12:54 - 2013-01-20 13:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-10-18 12:54 - 2012-11-24 00:35 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\OpenCandy 2013-10-18 12:54 - 2012-11-23 21:15 - 00000000 ____D C:\Users\Paddy\Documents\Euro Truck Simulator 2013-10-18 12:54 - 2012-10-31 21:10 - 00000000 ____D C:\Users\Paddy\Documents\German Truck Simulator 2013-10-18 12:54 - 2012-09-22 15:00 - 00000000 ____D C:\Windows\pss 2013-10-18 12:54 - 2012-09-13 17:01 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\XXXDownloader 2013-10-18 12:54 - 2012-08-15 17:44 - 00000000 ___DC 
C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2013-10-18 12:54 - 2012-07-12 20:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-18 12:54 - 2012-07-12 20:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 12:54 - 2012-06-23 16:16 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Mozilla 2013-10-18 12:54 - 2012-04-30 21:05 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Youtube Downloader HD 2013-10-18 12:54 - 2012-04-27 20:07 - 00000000 ___HD C:\Users\Paddy\Documents\Runes of Magic 2013-10-18 12:54 - 2012-04-27 18:39 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Depots 2013-10-18 12:54 - 2012-04-27 18:11 - 00000000 __RDC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-18 12:54 - 2012-04-27 18:11 - 00000000 __RDC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Speech 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\schemas 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Resources 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\PLA 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Help 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Globalization 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Branding 2013-10-18 12:53 - 2013-09-03 00:41 - 00000000 ___DC C:\Riot Games 2013-10-18 12:53 - 2013-07-26 15:56 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Temp3a72a5afdf6945ddef865b2e9ccf6174 2013-10-18 12:53 - 2013-06-24 17:23 - 00000000 ___DC C:\Program Files\Windows Live 2013-10-18 12:53 - 2013-06-19 20:57 - 00000000 ___DC C:\Program Files\ScummVM 2013-10-18 12:53 - 2013-06-13 22:59 - 00000000 ___DC C:\Program Files\Microsoft Silverlight 2013-10-18 12:53 - 2013-06-01 18:44 - 00000000 
___DC C:\Users\Paddy\AppData\Local\TeamSpeak 3 Client 2013-10-18 12:53 - 2013-05-18 17:57 - 00000000 ___DC C:\Program Files\TheKlub17 2013-10-18 12:53 - 2013-05-12 15:09 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\GoforFiles 2013-10-18 12:53 - 2013-04-29 11:25 - 00000000 ___DC C:\Program Files\DVDVideoSoft 2013-10-18 12:53 - 2013-03-30 15:41 - 00000000 ___DC C:\ProgramData\DAEMON Tools Lite 2013-10-18 12:53 - 2013-03-29 20:25 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware 2013-10-18 12:53 - 2013-03-10 17:14 - 00000000 __RDC C:\Program Files\Skype 2013-10-18 12:53 - 2013-03-02 14:21 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\DVDVideoSoft 2013-10-18 12:53 - 2013-01-10 13:09 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Akamai 2013-10-18 12:53 - 2013-01-09 20:07 - 00000000 ___DC C:\Program Files\Visions 2013-10-18 12:53 - 2013-01-09 16:15 - 00000000 __HDC C:\ProgramData\CanonIJEGV 2013-10-18 12:53 - 2013-01-03 21:03 - 00000000 ___DC C:\Program Files\TeamSpeak 3 Client 2013-10-18 12:53 - 2012-12-29 14:36 - 00000000 ___DC C:\ProgramData\Ulead Systems 2013-10-18 12:53 - 2012-12-08 20:40 - 00000000 ___DC C:\Program Files\Mozilla Firefox 2013-10-18 12:53 - 2012-12-02 14:14 - 00000000 ___DC C:\ProgramData\PWD 2013-10-18 12:53 - 2012-12-01 12:50 - 00000000 __HDC C:\ProgramData\CanonIJScan 2013-10-18 12:53 - 2012-12-01 12:50 - 00000000 ___DC C:\ProgramData\CanonIJ 2013-10-18 12:53 - 2012-11-24 20:06 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Cuttermaran 2013-10-18 12:53 - 2012-11-24 19:51 - 00000000 ___DC C:\ProgramData\Microsoft SkyDrive 2013-10-18 12:53 - 2012-11-24 19:51 - 00000000 ___DC C:\Program Files\Microsoft SkyDrive 2013-10-18 12:53 - 2012-11-24 00:00 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\KastorAllVideoDownloader 2013-10-18 12:53 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Steam 2013-10-18 12:53 - 2012-11-16 17:50 - 00000000 ___DC C:\Program Files\GameforgeLive 2013-10-18 12:53 - 2012-10-01 23:11 - 00000000 ___DC 
C:\Program Files\WinPcap 2013-10-18 12:53 - 2012-10-01 22:54 - 00000000 ___DC C:\Users\Paddy\AppData\Local\DownTango 2013-10-18 12:53 - 2012-09-07 16:18 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\eType 2013-10-18 12:53 - 2012-08-14 18:47 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\dvdcss 2013-10-18 12:53 - 2012-07-12 20:41 - 00000000 ___DC C:\ProgramData\NVIDIA Corporation 2013-10-18 12:53 - 2012-07-12 20:40 - 00000000 ___DC C:\Program Files\NVIDIA Corporation 2013-10-18 12:53 - 2012-06-03 16:18 - 00000000 ___DC C:\ProgramData\PMB Files 2013-10-18 12:53 - 2012-05-11 17:59 - 00000000 ___DC C:\Program Files\Freemium 2013-10-18 12:53 - 2012-04-30 21:20 - 00000000 ___DC C:\Program Files\SystemStore 2013-10-18 12:53 - 2012-04-28 17:56 - 00000000 ___DC C:\Users\Paddy\AppData\Local\IM 2013-10-18 12:53 - 2012-04-27 19:44 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Conduit 2013-10-18 12:53 - 2012-04-27 19:18 - 00000000 ___DC C:\Program Files\WinRAR 2013-10-18 12:53 - 2012-04-27 19:09 - 00000000 ___DC C:\Program Files\Microsoft.NET 2013-10-18 12:53 - 2012-04-27 19:09 - 00000000 ___DC C:\Program Files\Microsoft Office 2013-10-18 12:53 - 2012-04-27 19:01 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Hama Web 2013-10-18 12:53 - 2012-04-27 18:32 - 00000000 ___DC C:\ProgramData\McAfee 2013-10-18 12:53 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Microsoft Games 2013-10-18 12:53 - 2009-07-14 03:37 - 00000000 ___DC C:\Program Files\Windows NT 2013-10-18 12:52 - 2013-05-10 15:14 - 00000000 ___DC C:\Program Files\Common Files\Skype 2013-10-18 12:52 - 2013-04-29 11:25 - 00000000 ___DC C:\Program Files\Common Files\DVDVideoSoft 2013-10-18 12:52 - 2013-03-23 22:18 - 00000000 ___DC C:\Program Files\Common Files\PocketSoft 2013-10-18 12:52 - 2013-02-04 17:46 - 00000000 ___DC C:\Program Files\Adobe Download Assistant 2013-10-18 12:52 - 2012-11-30 15:32 - 00000000 ___DC C:\Program Files\Canon 2013-10-18 12:52 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Common 
Files\Steam 2013-10-18 12:52 - 2012-09-13 20:24 - 00000000 ___DC C:\Program Files\CCleaner 2013-10-18 12:52 - 2012-07-09 13:14 - 00000000 ___DC C:\Program Files\Common Files\PX Storage Engine 2013-10-18 12:52 - 2012-07-09 13:13 - 00000000 ___DC C:\Program Files\DivX 2013-10-18 12:52 - 2012-07-06 19:51 - 00000000 ___DC C:\Program Files\Common Files\SWF Studio 2013-10-18 12:52 - 2012-06-22 09:43 - 00000000 ___DC C:\Program Files\Common Files\Blizzard Entertainment 2013-10-18 12:52 - 2012-04-30 22:04 - 00000000 ___DC C:\ab3e352107b70ccdc8f63da9 2013-10-18 12:52 - 2012-04-29 22:30 - 00000000 ___DC C:\Program Files\Common Files\InstallShield 2013-10-18 12:52 - 2012-04-27 19:10 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER 2013-10-18 12:52 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\Common Files\Mcafee 2013-10-18 12:52 - 2009-07-14 03:37 - 00000000 ___DC C:\Program Files\Common Files\microsoft shared 2013-10-18 12:50 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration 2013-10-18 12:26 - 2013-03-10 17:14 - 00000000 ___DC C:\ProgramData\Skype 2013-10-18 12:08 - 2013-03-23 22:15 - 00000000 ___DC C:\Program Files\Atari 2013-10-18 12:05 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy 2013-10-18 01:19 - 2012-10-03 14:49 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Malwarebytes Files to move or delete: ==================== C:\Users\Paddy\AppData\Roaming\skype.ini C:\ProgramData\dsgsdgdsgdsgw.pad ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-31 11:04 |
15.11.2013, 14:09 | #2 |
/// the machine /// TB-Ausbilder | Viruses or Trojans hi,
__________________ How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Scan with Combofix
__________________ |
15.11.2013, 14:52 | #3 |
| Viruses or Trojans FRST log file: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013 Ran by Paddy (administrator) on PADDY-PC on 15-11-2013 13:50:32 Running from C:\Users\Paddy\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe () C:\Users\Paddy\AppData\Local\Temp\OCS\Downloads\3fb4024f7caf3a01809ef819569822ba\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe () C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) 
C:\Windows\system32\mfevtps.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1278064 2013-03-13] (McAfee, Inc.) 
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-03] (NVIDIA Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [Aeria Ignite] - C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment) HKLM\...\Run: [Ocs_SM] - C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-11-11] (OCS) HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-05] () HKCU\...\Run: [Overwolf] - C:\Program Files\Overwolf\Overwolf.exe [35256 2013-10-23] (Overwolf) HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung) HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung) HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-11-15] (Google Inc.) 
HKCU\...\Winlogon: [Shell] explorer.exe <==== ATTENTION HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 MountPoints2: {ecdf1629-9089-11e1-82eb-806e6f6e6963} - F:\Start.exe AppInit_DLLs: c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll [ ] () BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== ProxyServer: localhost:8080 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8061B8F4A024CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.delta-search.com/?affID=121561&tt=190313_wo3&babsrc=HP_ss&mntrId=E8A590E6BA4ED462 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E8A590E6BA4ED462&affID=120695&tsp=4932 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms} URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
URLSearchHook: HKCU - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File URLSearchHook: HKCU - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File URLSearchHook: HKCU - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=sc&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196 SearchScopes: HKLM - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKCU - BrowserMngrDefaultScope {7863768C-0074-4B11-98DF-DA393E04CCD4} SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494531305352&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&k=0 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKCU - {1F562031-5F86-46EF-A1D2-98607796E6B7} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {6356B883-415D-4F82-9643-99AF5C1FCE6B} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {65020ABE-AC86-40B3-BA30-3820AE7B74C2} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {6A52F208-563B-4165-AEB6-BB12B3524B8C} URL = 
hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {71AEEF32-6DE9-4786-ADC5-DA4B44B7AFD9} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKCU - {871940BA-AE5A-4D6E-BD33-2EC2F0339F69} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {DEFFDD02-590A-4A0A-95E1-8F8ECEEACFC6} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2666723D76635F7472616E735F3831343026747970653D686F727573&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&k=0 BHO: OKitSpace - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Paddy\AppData\Roaming\okitspace\IE\OkitSpace.dll () BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20120706161054.dll (McAfee, Inc.) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll () BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No File Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default FF Homepage: user_pref("browser.startup.homepage", ); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @mcafee.com/MVT - C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.) FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Paddy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Paddy\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) 
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\aed6677c-c927-4858-ba8c-7a232a32db49.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\badoo.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\BrowserDefender.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{0622CC76-C099-4CF2-83D2-FB3CA5749E96}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{0B91852B-50A2-49DA-B502-59A213B0F745}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{65EB0022-4F2F-4871-8717-6F344E5E7CEB}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{86522860-BD94-45C7-A318-7604BC80793A}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{A0ACA1A1-184F-4F0A-86A0-DB5B1088C2B8}.xml FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{DE0A6B44-B277-4D90-AB49-99E52589A06F}.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions FF Extension: OneClickDownloader - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com FF Extension: No Name - 
C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js.orig FF Extension: DealPly Shopping - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\addon@dealplyshopping.com FF Extension: Amazon-Icon - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\amazon-icon@winload.de FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\staged FF Extension: PriceGong - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} FF Extension: Bitdefender QuickScan - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} FF Extension: pricepeep - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\pricepeep@getpricepeep.com.xpi FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore FF Extension: McAfee ScriptScan for Firefox - C:\Program Files\Common Files\McAfee\SystemCore FF HKLM\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox FF HKLM\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Paddy\AppData\Roaming\Helper FF Extension: Helper - 
C:\Users\Paddy\AppData\Roaming\Helper FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK Chrome: ======= CHR Extension: () - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx CHR HKLM\...\Chrome\Extension: [hifnddafpdkmjljallgdlkjiiieidmec] - C:\Users\Paddy\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Paddy\AppData\Local\Wajam\Chrome\wajam.crx CHR HKLM\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Paddy\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx ========================== Services (Whitelisted) ================= R2 AddonsHelper; C:\Users\Paddy\AppData\Local\Temp\OCS\Downloads\3fb4024f7caf3a01809ef819569822ba\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-11-11] () R2 FreemiumSystemStoreService; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe [7244800 2012-09-13] () S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation) R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 mcmscsvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) 
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McNASvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [203840 2013-02-19] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-02-19] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-02-19] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2013-10-23] (Overwolf Ltd) R2 SearchAnonymizer; C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-11-11] () S2 srvPlgProtect; C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe [90112 2013-11-13] () S2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [32768 2013-10-23] () R2 SystemStore; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [14848 2012-04-24] () S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x] ==================== Drivers (Whitelisted) ==================== S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-11-03] () S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-01] (Wondershare) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-02-19] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [146872 2012-04-20] (McAfee, Inc.) 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [64832 2012-09-14] (McAfee, Inc.) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133416 2013-02-19] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [235264 2013-02-19] (McAfee, Inc.) S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-02-19] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [363080 2013-02-19] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [565888 2013-02-19] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [92632 2013-02-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [210608 2013-02-19] (McAfee, Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] () R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.) R3 nusbhost; C:\Windows\System32\DRIVERS\nusbhst.sys [13824 2006-12-29] (SC) R3 NUSBHUB; C:\Windows\System32\DRIVERS\nusbhub.sys [35840 2006-12-29] (SC) R2 persg; C:\Windows\System32\DRIVERS\persg.sys [25176 2012-04-19] () S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI) S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation) S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation) S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-04-20] (RapidSolution Software AG) U3 mfeavfk01; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-15 13:50 - 2013-11-15 13:51 - 00025417 ____C C:\Users\Paddy\Desktop\FRST.txt 2013-11-15 13:50 - 2013-11-15 13:50 - 00000000 ___DC C:\FRST 2013-11-15 13:49 - 2013-11-15 13:49 - 01090529 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe 2013-11-15 12:04 - 2013-11-15 12:04 - 00000000 ___DC 
C:\Users\Paddy\AppData\Roaming\Google 2013-11-15 11:38 - 2013-11-15 11:39 - 00000000 ___DC C:\ProgramData\Google 2013-11-14 23:45 - 2013-11-15 11:36 - 00000168 _____ C:\Windows\setupact.log 2013-11-14 23:45 - 2013-11-14 23:45 - 00000000 _____ C:\Windows\setuperr.log 2013-11-14 23:44 - 2013-11-14 23:44 - 00000768 _____ C:\Windows\PFRO.log 2013-11-14 13:14 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-14 13:14 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-14 13:14 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-14 13:14 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-14 13:14 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-14 13:14 - 
2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-14 03:56 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-14 03:56 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-14 03:56 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 03:56 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-14 03:56 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-14 03:56 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-14 03:56 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-14 03:56 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-14 03:56 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-14 03:56 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-14 03:56 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-14 03:56 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-14 03:56 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-14 03:56 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-14 03:56 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-14 03:56 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-14 03:56 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-14 03:56 - 
2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-14 01:26 - 2013-11-14 01:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Vast Studios 2013-11-14 01:23 - 2013-11-14 01:23 - 00002210 _____ C:\Users\Public\Desktop\Spiel Nightfall Mysteries - Die Ashburg Verschwoerung.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00001907 _____ C:\Users\Public\Desktop\Spiel Atlantis Quest.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00001234 _____ C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightfall Mysteries - Die Ashburg Verschwoerung 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Program Files\Nightfall Mysteries - Die Ashburg Verschwoerung 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Program Files\Atlantis Quest 2013-11-14 01:19 - 2013-11-14 01:20 - 00000000 ___DC C:\Program Files\bfgclient 2013-11-13 13:13 - 2013-11-13 13:13 - 08405609 ____C C:\Users\Paddy\Desktop\Evanescence-My Immortal lyrics.mp4 2013-11-12 12:07 - 2013-11-12 12:07 - 00782336 _____ C:\Windows\system32\config\default.rhk 2013-11-12 12:07 - 2013-11-12 12:07 - 00024576 _____ C:\Windows\system32\config\security.rhk 2013-11-12 12:07 - 2013-11-12 12:07 - 00024576 _____ C:\Windows\system32\config\sam.rhk 2013-11-12 12:06 - 2013-11-12 12:07 - 43806720 _____ C:\Windows\system32\config\software.rhk 2013-11-12 12:03 - 2013-11-15 13:34 - 01311762 _____ C:\Windows\WindowsUpdate.log 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Samsung 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Samsung 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Paddy\Documents\samsung 
2013-11-12 01:07 - 2013-11-12 01:08 - 00000000 ___DC C:\ProgramData\Samsung 2013-11-12 01:07 - 2013-11-12 01:08 - 00000000 ___DC C:\Program Files\Samsung 2013-11-12 01:07 - 2013-10-30 12:13 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll 2013-11-12 01:07 - 2013-10-30 12:06 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll 2013-11-12 01:04 - 2013-11-12 01:04 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Downloaded Installations 2013-11-11 12:56 - 2013-11-11 12:56 - 00000442 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job 2013-11-11 12:46 - 2013-11-11 12:50 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Wise Registry Cleaner 2013-11-11 12:46 - 2013-11-11 12:46 - 00001456 _____ C:\Users\UpdatusUser\Desktop\Amazon.lnk 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Helper 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\DesktopIconForAmazon 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\ProgramData\DNSErrorHelper 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Program Files\Wise 2013-11-11 12:45 - 2013-11-11 12:45 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\OCS 2013-11-04 21:10 - 2013-11-04 21:10 - 00016384 ____C C:\Users\Paddy\Desktop\Laura.xls 2013-11-04 17:21 - 2013-11-04 17:21 - 00001678 ____C C:\Users\Paddy\Desktop\Shaiya-DE.lnk 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portal of Etain 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Overwolf 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Common Files\Overwolf 2013-11-04 17:08 - 2013-11-15 11:36 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Overwolf 2013-11-04 16:38 - 2013-11-04 16:45 - 00000000 ___DC C:\Program Files\Free Window Registry Repair 2013-11-04 16:38 - 2013-11-04 16:38 - 00001001 _____ C:\Users\UpdatusUser\Desktop\Free Window 
Registry Repair.lnk 2013-11-04 16:38 - 2013-11-04 16:38 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2013-11-03 21:02 - 2013-11-03 21:02 - 00016304 ____N C:\Windows\system32\apl003.sys 2013-11-03 21:02 - 2013-11-03 21:02 - 00013232 ____N C:\Windows\system32\apf003.sys 2013-11-03 20:39 - 2013-11-03 20:39 - 00000000 ___DC C:\Program Files\Aeria Games 2013-10-31 00:16 - 2010-10-13 06:42 - 02369456 _____ (Codejock Software) C:\Windows\system32\Codejock.CommandBars.v13.4.2.ocx 2013-10-31 00:16 - 2010-06-01 14:45 - 01005088 _____ (Bennet-Tec Information Systems, Inc) C:\Windows\system32\TList8.ocx 2013-10-31 00:16 - 2008-01-29 07:57 - 00450560 _____ (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\system32\fldrvw90.ocx 2013-10-31 00:15 - 2010-08-20 21:53 - 00086016 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtSplitter.ocx 2013-10-31 00:15 - 2010-06-11 10:50 - 00089888 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtFrame.ocx 2013-10-31 00:15 - 2010-03-25 10:33 - 00171752 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtRTF2.ocx 2013-10-31 00:15 - 2009-10-13 00:02 - 00044736 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtSubclass.dll 2013-10-31 00:15 - 2009-10-13 00:01 - 00077504 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtScrollContainer.ocx 2013-10-31 00:14 - 2013-11-10 21:13 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\AllDup 2013-10-31 00:14 - 2013-10-31 00:16 - 00000000 ___DC C:\ProgramData\AllDup 2013-10-31 00:14 - 2013-10-31 00:16 - 00000000 ___DC C:\Program Files\AllDup 2013-10-30 12:24 - 2013-11-07 19:00 - 00000000 ___DC C:\Program Files\Flash Player Pro 2013-10-30 12:24 - 2013-10-30 12:24 - 00000000 ____D C:\Users\Paddy\Documents\Flash Player Pro 2013-10-30 12:07 - 2013-10-30 12:07 - 00330240 _____ ((주)마크애니) C:\Windows\MASetupCaller.dll 2013-10-30 12:07 - 2013-10-30 12:07 - 00090112 _____ ((주)마크애니) 
C:\Windows\MAMCityDownload.ocx 2013-10-30 12:07 - 2013-10-30 12:07 - 00030568 _____ () C:\Windows\MusiccityDownload.exe 2013-10-30 12:06 - 2013-10-30 12:06 - 00974848 _____ C:\Windows\system32\cis-2.4.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00569344 _____ ((c) MusicCity) C:\Windows\system32\muzdecode.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00491520 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00352256 _____ (Sample Corporation) C:\Windows\system32\MSLUR71.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00258048 _____ ((c) PeeringPortal) C:\Windows\system32\muzoggsp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00245760 _____ (Teruten Inc.) C:\Windows\system32\MSCLib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00200704 _____ ( (c) MusicCity) C:\Windows\system32\muzwmts.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00172032 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.exe 2013-10-30 12:06 - 2013-10-30 12:06 - 00155648 _____ (Teruten Inc.) C:\Windows\system32\MSFLib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00143360 _____ C:\Windows\system32\3DAudio.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00135168 _____ (Musiccity Co.Ltd.) 
C:\Windows\system32\muzaf1.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00131072 _____ ((c) MusicCity) C:\Windows\system32\muzmpgsp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00122880 _____ ((c) MUSICCITY) C:\Windows\system32\muzeffect.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00118784 _____ ((주)마크애니) C:\Windows\system32\MaDRM.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00110592 _____ ((c) MusicCity) C:\Windows\system32\muzmp4sp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00081920 _____ C:\Windows\system32\issacapi_bs-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00065536 _____ C:\Windows\system32\issacapi_pe-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ C:\Windows\system32\issacapi_se-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek) C:\Windows\system32\MK_Lyric.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek Inc.) C:\Windows\system32\MTXSYNCICON.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00049152 _____ ((주) 마크애니) C:\Windows\system32\MaJGUILib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045320 _____ (MARKANY) C:\Windows\system32\MAMACExtract.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\system32\MaXMLProto.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\system32\MACXMLProto.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00040960 _____ (Telechips Inc.,) C:\Windows\system32\MTTELECHIP.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00024576 _____ ((주)마크애니) C:\Windows\system32\MASetupCleaner.exe 2013-10-23 21:42 - 2013-10-23 21:42 - 00000079 _____ C:\Windows\wininit.ini 2013-10-21 20:26 - 2013-11-02 00:13 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\IMVU 2013-10-21 20:26 - 2013-10-21 20:26 - 00001875 ____C C:\Users\Paddy\Desktop\IMVU.lnk 2013-10-21 20:26 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU 2013-10-21 20:26 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\IMVUClient 2013-10-21 
19:06 - 2013-10-21 19:06 - 00000000 ____D C:\Users\Paddy\Documents\ProcAlyzer Dumps 2013-10-21 15:36 - 2013-10-21 15:36 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-10-21 15:36 - 2013-10-21 15:36 - 00000000 ___DC C:\ProgramData\Oracle 2013-10-21 15:36 - 2013-10-21 15:36 - 00000000 ___DC C:\Program Files\Java 2013-10-20 10:32 - 2013-10-20 10:32 - 00000000 ____D C:\Users\Paddy\Documents\Gothic3ForsakenGods 2013-10-20 01:04 - 2013-10-20 01:04 - 00000000 ___DC C:\ProgramData\Preventon 2013-10-20 01:00 - 2013-10-20 01:00 - 00001160 _____ C:\Users\Public\Desktop\Gothic 2 Gold Spielen!.lnk 2013-10-20 00:55 - 2013-10-21 15:56 - 00000000 ___DC C:\Program Files\JoWood 2013-10-19 13:01 - 2013-10-22 19:07 - 00001866 _____ C:\Users\Public\Desktop\Gothic.lnk 2013-10-19 01:38 - 2013-10-31 20:17 - 00000000 ___DC C:\ProgramData\clp 2013-10-19 01:37 - 2013-11-04 16:50 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Fighters 2013-10-19 01:36 - 2013-10-19 01:36 - 00000000 ___DC C:\ProgramData\Common Toolkit Suite 2013-10-19 01:35 - 2013-11-04 16:50 - 00000000 ___DC C:\ProgramData\Fighters 2013-10-19 00:52 - 2013-10-23 16:29 - 00000000 ____D C:\Windows\865537E164904193A4B6669C62711852.TMP 2013-10-19 00:52 - 2013-10-19 00:52 - 00000000 ___DC C:\Program Files\Common Files\Wise Installation Wizard 2013-10-19 00:46 - 2013-10-19 00:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\net1-wfds 2013-10-19 00:46 - 2013-10-19 00:46 - 00000000 ___DC C:\Program Files\net1-wfds 2013-10-18 12:10 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-18 12:10 - 2013-07-03 05:02 - 00036352 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\usbscan.sys 2013-10-18 12:10 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2013-10-18 12:10 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys ==================== One Month Modified Files and Folders ======= 2013-11-15 13:51 - 2013-11-15 13:50 - 00025417 ____C C:\Users\Paddy\Desktop\FRST.txt 2013-11-15 13:50 - 2013-11-15 13:50 - 00000000 ___DC C:\FRST 2013-11-15 13:49 - 2013-11-15 13:49 - 01090529 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe 2013-11-15 13:34 - 2013-11-12 12:03 - 01311762 _____ C:\Windows\WindowsUpdate.log 2013-11-15 12:07 - 2012-06-03 16:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\PMB Files 2013-11-15 12:05 - 2012-11-24 00:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Google 2013-11-15 12:04 - 2013-11-15 12:04 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Google 2013-11-15 12:04 - 2012-12-01 12:57 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Adobe 2013-11-15 11:44 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-15 11:44 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-15 11:39 - 2013-11-15 11:38 - 00000000 ___DC C:\ProgramData\Google 2013-11-15 11:39 - 2013-02-21 16:45 - 00000000 ___DC C:\Program Files\Google 2013-11-15 11:38 - 2012-04-27 19:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-11-15 11:36 - 2013-11-14 23:45 - 00000168 _____ C:\Windows\setupact.log 2013-11-15 11:36 - 2013-11-04 17:08 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Overwolf 2013-11-15 11:36 - 2012-04-27 18:16 - 00000000 ___DC C:\ProgramData\NVIDIA 2013-11-14 23:45 - 2013-11-14 23:45 - 00000000 _____ C:\Windows\setuperr.log 2013-11-14 23:45 - 2012-04-27 18:55 - 00000000 ____D 
C:\Windows\Panther 2013-11-14 23:44 - 2013-11-14 23:44 - 00000768 _____ C:\Windows\PFRO.log 2013-11-14 23:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE 2013-11-14 13:16 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini 2013-11-14 13:14 - 2013-08-15 02:30 - 00000000 ____D C:\Windows\system32\MRT 2013-11-14 13:11 - 2012-05-02 10:03 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-14 01:26 - 2013-11-14 01:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Vast Studios 2013-11-14 01:25 - 2013-08-22 18:28 - 00000000 ___DC C:\BigFishCache 2013-11-14 01:23 - 2013-11-14 01:23 - 00002210 _____ C:\Users\Public\Desktop\Spiel Nightfall Mysteries - Die Ashburg Verschwoerung.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00001907 _____ C:\Users\Public\Desktop\Spiel Atlantis Quest.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00001234 _____ C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightfall Mysteries - Die Ashburg Verschwoerung 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Program Files\Nightfall Mysteries - Die Ashburg Verschwoerung 2013-11-14 01:23 - 2013-11-14 01:23 - 00000000 ___DC C:\Program Files\Atlantis Quest 2013-11-14 01:20 - 2013-11-14 01:19 - 00000000 ___DC C:\Program Files\bfgclient 2013-11-14 01:19 - 2013-08-22 18:30 - 00000000 ___DC C:\ProgramData\Big Fish 2013-11-13 13:13 - 2013-11-13 13:13 - 08405609 ____C C:\Users\Paddy\Desktop\Evanescence-My Immortal lyrics.mp4 2013-11-13 13:11 - 2012-04-27 18:13 - 00365334 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-12 12:07 - 2013-11-12 12:07 - 00782336 _____ C:\Windows\system32\config\default.rhk 2013-11-12 12:07 - 2013-11-12 12:07 - 00024576 _____ C:\Windows\system32\config\security.rhk 2013-11-12 12:07 - 2013-11-12 12:07 - 00024576 _____ C:\Windows\system32\config\sam.rhk 2013-11-12 12:07 - 2013-11-12 12:06 - 43806720 _____ 
C:\Windows\system32\config\software.rhk 2013-11-12 02:03 - 2012-07-09 13:38 - 00000000 ___DC C:\Users\Paddy\Desktop\Programme 2013-11-12 01:11 - 2013-09-11 16:48 - 00000000 ___DC C:\Users\Paddy\Desktop\Handy 2013-11-12 01:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Samsung 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Samsung 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-11-12 01:09 - 2013-11-12 01:09 - 00000000 ____D C:\Users\Paddy\Documents\samsung 2013-11-12 01:08 - 2013-11-12 01:07 - 00000000 ___DC C:\ProgramData\Samsung 2013-11-12 01:08 - 2013-11-12 01:07 - 00000000 ___DC C:\Program Files\Samsung 2013-11-12 01:07 - 2012-04-27 19:45 - 00000000 __HDC C:\Program Files\InstallShield Installation Information 2013-11-12 01:04 - 2013-11-12 01:04 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Downloaded Installations 2013-11-11 12:56 - 2013-11-11 12:56 - 00000442 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job 2013-11-11 12:50 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Wise Registry Cleaner 2013-11-11 12:46 - 2013-11-11 12:46 - 00001456 _____ C:\Users\UpdatusUser\Desktop\Amazon.lnk 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Helper 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\DesktopIconForAmazon 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\ProgramData\DNSErrorHelper 2013-11-11 12:46 - 2013-11-11 12:46 - 00000000 ___DC C:\Program Files\Wise 2013-11-11 12:45 - 2013-11-11 12:45 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\OCS 2013-11-11 12:45 - 2013-03-21 00:07 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Opera 2013-11-11 12:27 - 2012-04-27 18:38 - 00000000 ___DC 
C:\Program Files\McAfee 2013-11-10 21:13 - 2013-10-31 00:14 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\AllDup 2013-11-07 19:00 - 2013-10-30 12:24 - 00000000 ___DC C:\Program Files\Flash Player Pro 2013-11-07 18:59 - 2012-04-27 18:11 - 00001701 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-04 21:10 - 2013-11-04 21:10 - 00016384 ____C C:\Users\Paddy\Desktop\Laura.xls 2013-11-04 21:10 - 2013-09-21 20:00 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-04 20:56 - 2012-04-27 19:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-04 18:18 - 2013-08-28 17:13 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-437763861-1864287327-3057929401-1000UA.job 2013-11-04 18:18 - 2013-08-28 17:13 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-437763861-1864287327-3057929401-1000Core.job 2013-11-04 17:21 - 2013-11-04 17:21 - 00001678 ____C C:\Users\Paddy\Desktop\Shaiya-DE.lnk 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portal of Etain 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Overwolf 2013-11-04 17:20 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Common Files\Overwolf 2013-11-04 17:06 - 2013-01-10 13:09 - 00000000 ___DC C:\AeriaGames 2013-11-04 17:06 - 2012-05-26 20:59 - 00000000 _SHDC C:\AI_RecycleBin 2013-11-04 17:06 - 2012-05-04 20:55 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2013-11-04 16:50 - 2013-10-19 01:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Fighters 2013-11-04 16:50 - 2013-10-19 01:35 - 00000000 ___DC C:\ProgramData\Fighters 2013-11-04 16:46 - 2012-06-22 15:24 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Apps\2.0 2013-11-04 16:45 - 2013-11-04 16:38 - 00000000 ___DC C:\Program Files\Free Window Registry Repair 2013-11-04 16:38 - 2013-11-04 16:38 - 00001001 _____ C:\Users\UpdatusUser\Desktop\Free Window 
Registry Repair.lnk 2013-11-04 16:38 - 2013-11-04 16:38 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2013-11-04 15:37 - 2013-09-17 09:04 - 00000000 ___DC C:\Program Files\SoftwareUpdater 2013-11-04 15:31 - 2013-09-21 20:00 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-04 15:31 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-03 21:02 - 2013-11-03 21:02 - 00016304 ____N C:\Windows\system32\apl003.sys 2013-11-03 21:02 - 2013-11-03 21:02 - 00013232 ____N C:\Windows\system32\apf003.sys 2013-11-03 20:42 - 2012-08-04 22:51 - 00000000 ___HD C:\Windows\msdownld.tmp 2013-11-03 20:42 - 2012-05-17 15:40 - 00000000 ____D C:\Windows\system32\directx 2013-11-03 20:39 - 2013-11-03 20:39 - 00000000 ___DC C:\Program Files\Aeria Games 2013-11-02 14:27 - 2012-08-16 18:22 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Unity 2013-11-02 00:53 - 2012-04-28 16:59 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\vlc 2013-11-02 00:13 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\IMVU 2013-11-01 20:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\security 2013-11-01 00:37 - 2012-12-01 12:50 - 00000000 ___DC C:\ProgramData\CanonIJPLM 2013-10-31 21:51 - 2012-05-16 20:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-10-31 21:49 - 2012-05-04 20:43 - 00000000 ___DC C:\Users\Paddy\AppData\Local\RapidSolution 2013-10-31 21:36 - 2013-03-16 15:31 - 00000000 ___DC C:\Users\Paddy\Desktop\Musik 2013-10-31 21:36 - 2012-05-04 23:28 - 00000000 ____D C:\Users\Paddy\Documents\FFOutput 2013-10-31 20:17 - 2013-10-19 01:38 - 00000000 ___DC C:\ProgramData\clp 2013-10-31 02:26 - 2013-03-10 17:14 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Skype 2013-10-31 00:16 - 2013-10-31 00:14 - 00000000 ___DC C:\ProgramData\AllDup 2013-10-31 00:16 - 2013-10-31 00:14 - 00000000 ___DC C:\Program Files\AllDup 2013-10-30 12:24 - 2013-10-30 
12:24 - 00000000 ____D C:\Users\Paddy\Documents\Flash Player Pro 2013-10-30 12:13 - 2013-11-12 01:07 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll 2013-10-30 12:07 - 2013-10-30 12:07 - 00330240 _____ ((주)마크애니) C:\Windows\MASetupCaller.dll 2013-10-30 12:07 - 2013-10-30 12:07 - 00090112 _____ ((주)마크애니) C:\Windows\MAMCityDownload.ocx 2013-10-30 12:07 - 2013-10-30 12:07 - 00030568 _____ () C:\Windows\MusiccityDownload.exe 2013-10-30 12:06 - 2013-11-12 01:07 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00974848 _____ C:\Windows\system32\cis-2.4.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00569344 _____ ((c) MusicCity) C:\Windows\system32\muzdecode.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00491520 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00352256 _____ (Sample Corporation) C:\Windows\system32\MSLUR71.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00258048 _____ ((c) PeeringPortal) C:\Windows\system32\muzoggsp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00245760 _____ (Teruten Inc.) C:\Windows\system32\MSCLib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00200704 _____ ( (c) MusicCity) C:\Windows\system32\muzwmts.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00172032 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.exe 2013-10-30 12:06 - 2013-10-30 12:06 - 00155648 _____ (Teruten Inc.) C:\Windows\system32\MSFLib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00143360 _____ C:\Windows\system32\3DAudio.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00135168 _____ (Musiccity Co.Ltd.) 
C:\Windows\system32\muzaf1.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00131072 _____ ((c) MusicCity) C:\Windows\system32\muzmpgsp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00122880 _____ ((c) MUSICCITY) C:\Windows\system32\muzeffect.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00118784 _____ ((주)마크애니) C:\Windows\system32\MaDRM.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00110592 _____ ((c) MusicCity) C:\Windows\system32\muzmp4sp.ax 2013-10-30 12:06 - 2013-10-30 12:06 - 00081920 _____ C:\Windows\system32\issacapi_bs-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00065536 _____ C:\Windows\system32\issacapi_pe-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ C:\Windows\system32\issacapi_se-2.3.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek) C:\Windows\system32\MK_Lyric.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek Inc.) C:\Windows\system32\MTXSYNCICON.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00049152 _____ ((주) 마크애니) C:\Windows\system32\MaJGUILib.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045320 _____ (MARKANY) C:\Windows\system32\MAMACExtract.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\system32\MaXMLProto.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\system32\MACXMLProto.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00040960 _____ (Telechips Inc.,) C:\Windows\system32\MTTELECHIP.dll 2013-10-30 12:06 - 2013-10-30 12:06 - 00024576 _____ ((주)마크애니) C:\Windows\system32\MASetupCleaner.exe 2013-10-30 02:45 - 2013-02-23 22:28 - 00000000 ___DC C:\FFOutput 2013-10-30 01:49 - 2013-10-02 01:15 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\okitspace 2013-10-27 23:09 - 2013-03-10 15:14 - 00000000 ___DC C:\Users\Paddy\Desktop\Spiele 2013-10-23 21:43 - 2013-07-11 20:37 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy 2013-10-23 21:42 - 2013-10-23 21:42 - 00000079 _____ C:\Windows\wininit.ini 2013-10-23 16:29 - 2013-10-19 00:52 - 00000000 ____D 
2013-10-18 12:05 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy
2013-10-18 01:19 - 2012-10-03 14:49 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Malwarebytes

Files to move or delete:
====================
C:\Users\Paddy\AppData\Roaming\skype.ini
C:\ProgramData\dsgsdgdsgdsgw.pad

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-31 11:04

==================== End Of Log ============================ |
15.11.2013, 15:00 | #4 |
| Viruses or Trojans FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013 Ran by Paddy (administrator) on PADDY-PC on 15-11-2013 13:50:32 Running from C:\Users\Paddy\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe () C:\Users\Paddy\AppData\Local\Temp\OCS\Downloads\3fb4024f7caf3a01809ef819569822ba\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe () C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) 
C:\Windows\system32\mfevtps.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1278064 2013-03-13] (McAfee, Inc.) 
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-03] (NVIDIA Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [Aeria Ignite] - C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment) HKLM\...\Run: [Ocs_SM] - C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-11-11] (OCS) HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-05] () HKCU\...\Run: [Overwolf] - C:\Program Files\Overwolf\Overwolf.exe [35256 2013-10-23] (Overwolf) HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung) HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung) HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-11-15] (Google Inc.) 
HKCU\...\Winlogon: [Shell] explorer.exe <==== ATTENTION HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 MountPoints2: {ecdf1629-9089-11e1-82eb-806e6f6e6963} - F:\Start.exe AppInit_DLLs: c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll [ ] () BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== ProxyServer: localhost:8080 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8061B8F4A024CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.delta-search.com/?affID=121561&tt=190313_wo3&babsrc=HP_ss&mntrId=E8A590E6BA4ED462 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E8A590E6BA4ED462&affID=120695&tsp=4932 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms} URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
URLSearchHook: HKCU - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File URLSearchHook: HKCU - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File URLSearchHook: HKCU - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=sc&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196 SearchScopes: HKLM - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKCU - BrowserMngrDefaultScope {7863768C-0074-4B11-98DF-DA393E04CCD4} SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494531305352&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&k=0 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKCU - {1F562031-5F86-46EF-A1D2-98607796E6B7} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {6356B883-415D-4F82-9643-99AF5C1FCE6B} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {65020ABE-AC86-40B3-BA30-3820AE7B74C2} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {6A52F208-563B-4165-AEB6-BB12B3524B8C} URL = 
hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {71AEEF32-6DE9-4786-ADC5-DA4B44B7AFD9} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKCU - {871940BA-AE5A-4D6E-BD33-2EC2F0339F69} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {DEFFDD02-590A-4A0A-95E1-8F8ECEEACFC6} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2666723D76635F7472616E735F3831343026747970653D686F727573&st={searchTerms}&clid=e8493c52-caab-4c35-ad8a-14bd997046f7&pid=dcude&k=0 BHO: OKitSpace - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Paddy\AppData\Roaming\okitspace\IE\OkitSpace.dll () BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20120706161054.dll (McAfee, Inc.) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll () BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No File Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default FF Homepage: user_pref("browser.startup.homepage", ); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @mcafee.com/MVT - C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.) FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Paddy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Paddy\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\aed6677c-c927-4858-ba8c-7a232a32db49.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{0622CC76-C099-4CF2-83D2-FB3CA5749E96}.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{0B91852B-50A2-49DA-B502-59A213B0F745}.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{65EB0022-4F2F-4871-8717-6F344E5E7CEB}.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{86522860-BD94-45C7-A318-7604BC80793A}.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{A0ACA1A1-184F-4F0A-86A0-DB5B1088C2B8}.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\{DE0A6B44-B277-4D90-AB49-99E52589A06F}.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: OneClickDownloader - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js.orig
FF Extension: DealPly Shopping - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\addon@dealplyshopping.com
FF Extension: Amazon-Icon - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\amazon-icon@winload.de
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\staged
FF Extension: PriceGong - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
FF Extension: Bitdefender QuickScan - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: pricepeep - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\pricepeep@getpricepeep.com.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor
FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files\Common Files\McAfee\SystemCore
FF HKLM\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF HKLM\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Paddy\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Paddy\AppData\Roaming\Helper
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

Chrome: =======
CHR Extension: () - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM\...\Chrome\Extension: [hifnddafpdkmjljallgdlkjiiieidmec] - C:\Users\Paddy\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Paddy\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Paddy\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx

========================== Services (Whitelisted) =================
R2 AddonsHelper; C:\Users\Paddy\AppData\Local\Temp\OCS\Downloads\3fb4024f7caf3a01809ef819569822ba\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-11-11] ()
R2 FreemiumSystemStoreService; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe [7244800 2012-09-13] ()
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [203840 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2013-10-23] (Overwolf Ltd)
R2 SearchAnonymizer; C:\Users\Paddy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-11-11] ()
S2 srvPlgProtect; C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe [90112 2013-11-13] ()
S2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [32768 2013-10-23] ()
R2 SystemStore; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [14848 2012-04-24] ()
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================
S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-11-03] ()
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-01] (Wondershare)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [146872 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [64832 2012-09-14] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133416 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [235264 2013-02-19] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [363080 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [565888 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [92632 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [210608 2013-02-19] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 nusbhost; C:\Windows\System32\DRIVERS\nusbhst.sys [13824 2006-12-29] (SC)
R3 NUSBHUB; C:\Windows\System32\DRIVERS\nusbhub.sys [35840 2006-12-29] (SC)
R2 persg; C:\Windows\System32\DRIVERS\persg.sys [25176 2012-04-19] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-04-20] (RapidSolution Software AG)
U3 mfeavfk01; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

==================== One Month Modified Files and Folders =======
C:\Windows\865537E164904193A4B6669C62711852.TMP 2013-10-22 19:07 - 2013-10-19 13:01 - 00001866 _____ C:\Users\Public\Desktop\Gothic.lnk 2013-10-21 20:26 - 2013-10-21 20:26 - 00001875 ____C C:\Users\Paddy\Desktop\IMVU.lnk 2013-10-21 20:26 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU 2013-10-21 20:26 - 2013-10-21 20:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\IMVUClient 2013-10-21 19:06 - 2013-10-21 19:06 - 00000000 ____D C:\Users\Paddy\Documents\ProcAlyzer Dumps 2013-10-21 15:56 - 2013-10-20 00:55 - 00000000 ___DC C:\Program Files\JoWood 2013-10-21 15:36 - 2013-10-21 15:36 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-10-21 15:36 - 2013-10-21 15:36 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-10-21 15:36 - 2013-10-21 15:36 - 00000000 ___DC C:\ProgramData\Oracle 2013-10-21 15:36 - 2013-10-21 15:36 - 00000000 ___DC C:\Program Files\Java 2013-10-20 10:32 - 2013-10-20 10:32 - 00000000 ____D C:\Users\Paddy\Documents\Gothic3ForsakenGods 2013-10-20 01:04 - 2013-10-20 01:04 - 00000000 ___DC C:\ProgramData\Preventon 2013-10-20 01:00 - 2013-10-20 01:00 - 00001160 _____ C:\Users\Public\Desktop\Gothic 2 Gold Spielen!.lnk 2013-10-19 02:36 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2013-10-19 01:36 - 2013-10-19 01:36 - 00000000 ___DC C:\ProgramData\Common Toolkit Suite 2013-10-19 01:14 - 2013-09-03 00:41 - 00001609 _____ C:\Users\Public\Desktop\Play League of Legends.lnk 2013-10-19 00:52 - 2013-10-19 00:52 - 00000000 ___DC C:\Program Files\Common Files\Wise Installation Wizard 2013-10-19 00:47 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\VirtualStore 2013-10-19 00:46 - 2013-10-19 00:46 - 00000000 ___DC 
C:\Users\Paddy\AppData\Roaming\net1-wfds 2013-10-19 00:46 - 2013-10-19 00:46 - 00000000 ___DC C:\Program Files\net1-wfds 2013-10-19 00:37 - 2012-06-22 15:24 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Deployment 2013-10-18 12:58 - 2009-07-14 09:57 - 00000000 ____D C:\Windows\ShellNew 2013-10-18 12:58 - 2009-07-14 09:56 - 00000000 ___DC C:\Program Files\Windows Journal 2013-10-18 12:58 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE 2013-10-18 12:58 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\de 2013-10-18 12:58 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\de-DE 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Windows Sidebar 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Windows Portable Devices 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Windows Photo Viewer 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Windows Defender 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\DVD Maker 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\twain_32 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\Offline Web Pages 2013-10-18 12:58 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\addins 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RSD C:\Windows\Media 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RDC C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RDC C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RDC C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 __RDC C:\Users\Default 
User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ___DC C:\Program Files\Common Files\System 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ___DC C:\Program Files\Common Files\Services 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\TAPI 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\zh-TW 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\zh-HK 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\zh-CN 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\uk-UA 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\tr-TR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\th-TH 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sv-SE 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sr-Latn-CS 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sl-SI 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sk-SK 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ru-RU 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ro-RO 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ras 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pt-PT 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pt-BR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\nl-NL 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\nb-NO 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\lv-LV 2013-10-18 12:58 - 
2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\lt-LT 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ko-KR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ja-JP 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\it-IT 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\icsxml 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ias 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\hu-HU 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\hr-HR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\he-IL 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\fr-FR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\fi-FI 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\et-EE 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\el-GR 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\com 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\bg-BG 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\ar-SA 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\L2Schemas 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\IME 2013-10-18 12:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Cursors 2013-10-18 12:56 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-10-18 12:56 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\winrm 2013-10-18 12:56 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\WCN 2013-10-18 12:55 - 2012-05-02 10:05 - 00000000 ____D C:\Windows\system32\SPReview 2013-10-18 12:55 - 2012-05-02 10:04 - 00000000 ____D 
C:\Windows\system32\EventProviders 2013-10-18 12:55 - 2012-04-27 19:15 - 00000000 ____D C:\Windows\system32\Macromed 2013-10-18 12:55 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\slmgr 2013-10-18 12:55 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2013-10-18 12:55 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\restore 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\spp 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Speech 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\SMI 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NetworkList 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\MUI 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Msdtc 2013-10-18 12:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\IME 2013-10-18 12:54 - 2013-10-15 21:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2013-10-18 12:54 - 2013-08-28 17:13 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook 2013-10-18 12:54 - 2013-06-24 17:25 - 00000000 ____D C:\Windows\de 2013-10-18 12:54 - 2013-06-20 12:31 - 00000000 ___DC C:\Users\Paddy\Desktop\Baphometsfluch 2 2013-10-18 12:54 - 2013-06-19 20:57 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\ScummVM 2013-10-18 12:54 - 2013-06-01 18:44 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2013-10-18 12:54 - 2013-05-17 23:39 - 00000000 ___DC C:\Users\Paddy\Desktop\Chat 2013-10-18 12:54 - 2013-05-12 15:23 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Die Polizei 2013 2013-10-18 12:54 - 2013-05-12 15:10 - 00000000 ____D C:\Users\Paddy\Documents\UK Truck Simulator 2013-10-18 12:54 - 2013-03-31 16:11 - 00000000 ____D C:\Users\Paddy\Documents\18 WoS Extreme 
Trucker 2013-10-18 12:54 - 2013-03-30 16:57 - 00000000 ____D C:\Users\Paddy\Documents\Dungeon Siege 2013-10-18 12:54 - 2013-02-24 20:56 - 00000000 ____D C:\Users\Paddy\Documents\Euro Truck Simulator 2 2013-10-18 12:54 - 2013-01-20 13:26 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-10-18 12:54 - 2012-11-24 00:35 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\OpenCandy 2013-10-18 12:54 - 2012-11-23 21:15 - 00000000 ____D C:\Users\Paddy\Documents\Euro Truck Simulator 2013-10-18 12:54 - 2012-10-31 21:10 - 00000000 ____D C:\Users\Paddy\Documents\German Truck Simulator 2013-10-18 12:54 - 2012-09-22 15:00 - 00000000 ____D C:\Windows\pss 2013-10-18 12:54 - 2012-09-13 17:01 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\XXXDownloader 2013-10-18 12:54 - 2012-08-15 17:44 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2013-10-18 12:54 - 2012-07-12 20:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-18 12:54 - 2012-07-12 20:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 12:54 - 2012-06-23 16:16 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Mozilla 2013-10-18 12:54 - 2012-04-30 21:05 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Youtube Downloader HD 2013-10-18 12:54 - 2012-04-27 20:07 - 00000000 ___HD C:\Users\Paddy\Documents\Runes of Magic 2013-10-18 12:54 - 2012-04-27 18:39 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Depots 2013-10-18 12:54 - 2012-04-27 18:11 - 00000000 __RDC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-18 12:54 - 2012-04-27 18:11 - 00000000 __RDC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Speech 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\schemas 
2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Resources 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\PLA 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Help 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Globalization 2013-10-18 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Branding 2013-10-18 12:53 - 2013-09-03 00:41 - 00000000 ___DC C:\Riot Games 2013-10-18 12:53 - 2013-07-26 15:56 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Temp3a72a5afdf6945ddef865b2e9ccf6174 2013-10-18 12:53 - 2013-06-24 17:23 - 00000000 ___DC C:\Program Files\Windows Live 2013-10-18 12:53 - 2013-06-19 20:57 - 00000000 ___DC C:\Program Files\ScummVM 2013-10-18 12:53 - 2013-06-13 22:59 - 00000000 ___DC C:\Program Files\Microsoft Silverlight 2013-10-18 12:53 - 2013-06-01 18:44 - 00000000 ___DC C:\Users\Paddy\AppData\Local\TeamSpeak 3 Client 2013-10-18 12:53 - 2013-05-18 17:57 - 00000000 ___DC C:\Program Files\TheKlub17 2013-10-18 12:53 - 2013-05-12 15:09 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\GoforFiles 2013-10-18 12:53 - 2013-04-29 11:25 - 00000000 ___DC C:\Program Files\DVDVideoSoft 2013-10-18 12:53 - 2013-03-30 15:41 - 00000000 ___DC C:\ProgramData\DAEMON Tools Lite 2013-10-18 12:53 - 2013-03-29 20:25 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware 2013-10-18 12:53 - 2013-03-10 17:14 - 00000000 __RDC C:\Program Files\Skype 2013-10-18 12:53 - 2013-03-02 14:21 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\DVDVideoSoft 2013-10-18 12:53 - 2013-01-10 13:09 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Akamai 2013-10-18 12:53 - 2013-01-09 20:07 - 00000000 ___DC C:\Program Files\Visions 2013-10-18 12:53 - 2013-01-09 16:15 - 00000000 __HDC C:\ProgramData\CanonIJEGV 2013-10-18 12:53 - 2013-01-03 21:03 - 00000000 ___DC C:\Program Files\TeamSpeak 3 Client 2013-10-18 12:53 - 2012-12-29 14:36 - 00000000 ___DC C:\ProgramData\Ulead Systems 2013-10-18 12:53 - 2012-12-08 20:40 - 00000000 ___DC C:\Program 
Files\Mozilla Firefox 2013-10-18 12:53 - 2012-12-02 14:14 - 00000000 ___DC C:\ProgramData\PWD 2013-10-18 12:53 - 2012-12-01 12:50 - 00000000 __HDC C:\ProgramData\CanonIJScan 2013-10-18 12:53 - 2012-12-01 12:50 - 00000000 ___DC C:\ProgramData\CanonIJ 2013-10-18 12:53 - 2012-11-24 20:06 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Cuttermaran 2013-10-18 12:53 - 2012-11-24 19:51 - 00000000 ___DC C:\ProgramData\Microsoft SkyDrive 2013-10-18 12:53 - 2012-11-24 19:51 - 00000000 ___DC C:\Program Files\Microsoft SkyDrive 2013-10-18 12:53 - 2012-11-24 00:00 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\KastorAllVideoDownloader 2013-10-18 12:53 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Steam 2013-10-18 12:53 - 2012-11-16 17:50 - 00000000 ___DC C:\Program Files\GameforgeLive 2013-10-18 12:53 - 2012-10-01 23:11 - 00000000 ___DC C:\Program Files\WinPcap 2013-10-18 12:53 - 2012-10-01 22:54 - 00000000 ___DC C:\Users\Paddy\AppData\Local\DownTango 2013-10-18 12:53 - 2012-09-07 16:18 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\eType 2013-10-18 12:53 - 2012-08-14 18:47 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\dvdcss 2013-10-18 12:53 - 2012-07-12 20:41 - 00000000 ___DC C:\ProgramData\NVIDIA Corporation 2013-10-18 12:53 - 2012-07-12 20:40 - 00000000 ___DC C:\Program Files\NVIDIA Corporation 2013-10-18 12:53 - 2012-06-03 16:18 - 00000000 ___DC C:\ProgramData\PMB Files 2013-10-18 12:53 - 2012-05-11 17:59 - 00000000 ___DC C:\Program Files\Freemium 2013-10-18 12:53 - 2012-04-30 21:20 - 00000000 ___DC C:\Program Files\SystemStore 2013-10-18 12:53 - 2012-04-28 17:56 - 00000000 ___DC C:\Users\Paddy\AppData\Local\IM 2013-10-18 12:53 - 2012-04-27 19:44 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Conduit 2013-10-18 12:53 - 2012-04-27 19:18 - 00000000 ___DC C:\Program Files\WinRAR 2013-10-18 12:53 - 2012-04-27 19:09 - 00000000 ___DC C:\Program Files\Microsoft.NET 2013-10-18 12:53 - 2012-04-27 19:09 - 00000000 ___DC C:\Program Files\Microsoft Office 2013-10-18 12:53 - 
2012-04-27 19:01 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Hama Web 2013-10-18 12:53 - 2012-04-27 18:32 - 00000000 ___DC C:\ProgramData\McAfee 2013-10-18 12:53 - 2009-07-14 05:52 - 00000000 ___DC C:\Program Files\Microsoft Games 2013-10-18 12:53 - 2009-07-14 03:37 - 00000000 ___DC C:\Program Files\Windows NT 2013-10-18 12:52 - 2013-05-10 15:14 - 00000000 ___DC C:\Program Files\Common Files\Skype 2013-10-18 12:52 - 2013-04-29 11:25 - 00000000 ___DC C:\Program Files\Common Files\DVDVideoSoft 2013-10-18 12:52 - 2013-03-23 22:18 - 00000000 ___DC C:\Program Files\Common Files\PocketSoft 2013-10-18 12:52 - 2013-02-04 17:46 - 00000000 ___DC C:\Program Files\Adobe Download Assistant 2013-10-18 12:52 - 2012-11-30 15:32 - 00000000 ___DC C:\Program Files\Canon 2013-10-18 12:52 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Common Files\Steam 2013-10-18 12:52 - 2012-09-13 20:24 - 00000000 ___DC C:\Program Files\CCleaner 2013-10-18 12:52 - 2012-07-09 13:14 - 00000000 ___DC C:\Program Files\Common Files\PX Storage Engine 2013-10-18 12:52 - 2012-07-09 13:13 - 00000000 ___DC C:\Program Files\DivX 2013-10-18 12:52 - 2012-07-06 19:51 - 00000000 ___DC C:\Program Files\Common Files\SWF Studio 2013-10-18 12:52 - 2012-06-22 09:43 - 00000000 ___DC C:\Program Files\Common Files\Blizzard Entertainment 2013-10-18 12:52 - 2012-04-30 22:04 - 00000000 ___DC C:\ab3e352107b70ccdc8f63da9 2013-10-18 12:52 - 2012-04-29 22:30 - 00000000 ___DC C:\Program Files\Common Files\InstallShield 2013-10-18 12:52 - 2012-04-27 19:10 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER 2013-10-18 12:52 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\Common Files\Mcafee 2013-10-18 12:52 - 2009-07-14 03:37 - 00000000 ___DC C:\Program Files\Common Files\microsoft shared 2013-10-18 12:50 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration 2013-10-18 12:26 - 2013-03-10 17:14 - 00000000 ___DC C:\ProgramData\Skype 2013-10-18 12:08 - 2013-03-23 22:15 - 00000000 ___DC C:\Program Files\Atari 
2013-10-18 12:05 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy
2013-10-18 01:19 - 2012-10-03 14:49 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Malwarebytes

Files to move or delete:
====================
C:\Users\Paddy\AppData\Roaming\skype.ini
C:\ProgramData\dsgsdgdsgdsgw.pad

==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-31 11:04

==================== End Of Log ============================ |
16.11.2013, 12:08 | #5 |
/// the machine /// TB trainer | Viruses or Trojans Then Combofix now.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
16.11.2013, 14:23 | #6 |
| Viruses or Trojans There is just one problem: I have McAfee and no idea how to turn it off! |
17.11.2013, 06:56 | #7 |
/// the machine /// TB trainer | Viruses or Trojans Uninstall it and reinstall it afterwards.