
Log analysis and evaluation: I can't get rid of Posadi17.com

Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

30.05.2014, 18:33   #1
pigman22
 

Hello dear people of Trojaner-Board, I have the following problem: for a few days now I have had the program Posadi17 running in the background and I can't close it. This program sends me ads and slows down my PC. I'm asking for help and precise instructions because, unfortunately, I don't really know my way around PCs.

Thanks in advance for any help,

Tobias

30.05.2014, 21:03   #2
schrauber
/// the machine
/// TB trainer
 


Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


31.05.2014, 11:57   #3
pigman22
 

This is the FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by Tobias Pomper (administrator) on TOBIASPOMPER-PC on 31-05-2014 11:05:18
Running from C:\Users\Tobias Pomper\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Tobias Pomper\AppData\Roaming\InetStat\inetstat.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(TeamSpeak Systems GmbH) C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(The Creative Assembly Ltd) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\Rome2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\awesomium_process.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-01] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1801168 2014-03-26] (APN)
HKLM-x32\...\Run: [Registry Helper] => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-25] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-13] (Microsoft Corporation)
HKU\S-1-5-21-3028036482-113387386-2930249891-1000\...\Run: [InetStat] => C:\Users\Tobias Pomper\AppData\Roaming\InetStat\inetstat.exe [1259488 2014-05-24] ()
HKU\S-1-5-21-3028036482-113387386-2930249891-1000\...\MountPoints2: {09c702fd-c101-11e3-a099-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-3028036482-113387386-2930249891-1000\...\MountPoints2: {d4bb26ab-c142-11e3-96f6-806e6f6e6963} - D:\launcher.exe
AppInit_DLLs-x32: c:\progra~2\suppor~1\suppor~1.dll => "c:\progra~2\suppor~1\suppor~1.dll" File Not Found

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=ORJ-V7C&o=APN11406&pf=V7&trgb=IE&p2=%5EBBE%5EOSJ000%5EYY%5EAT&gct=hp&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EAT&apn_dbr=ie_11.0.9600.17041&apn_uid=8F6A873B-11FD-496A-9E46-361ADCE6E1CB&itbv=12.10.6.48&doi=2014-05-21&psv=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB4D039808D55CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
SearchScopes: HKCU - {207B15DB-9FE5-451B-A7D8-29F1DC24C67E} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EAT&gct=&itbv=12.10.6.48&apn_uid=8F6A873B-11FD-496A-9E46-361ADCE6E1CB&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EAT&apn_dbr=ie_11.0.9600.17041&doi=2014-05-21&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400432407&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051&q={searchTerms}
BHO: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2014-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hppp&ts=1401044390&from=slbnew&uid=SAMSUNGXHD501LJ_S0MUJ1KP202051"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\Tobias Pomper\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Extension: (Avira Browser Safety) - C:\Users\Tobias Pomper\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-05-25]
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Tobias Pomper\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2014-05-25]
CHR Extension: (Google Wallet) - C:\Users\Tobias Pomper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-03-26] (APN LLC.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-25] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-04-13] ()
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-22] ()
R2 SystemUpdatekb70007; C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [18944 2014-05-08] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [549008 2014-05-12] (Cherished Technololgy LIMITED)
S2 Update webget; "C:\Program Files (x86)\webget\updatewebget.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-25] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-05-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-05-24] (Symantec Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-04-11] ()
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140530.001\IDSvia64.sys [525016 2014-05-23] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140530.017\ENG64.SYS [126040 2014-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140530.017\EX64.SYS [2099288 2014-05-24] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-04-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-03] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-03] (VIA Technologies, Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-31 11:05 - 2014-05-31 11:05 - 00022846 _____ () C:\Users\Tobias Pomper\Downloads\FRST.txt
2014-05-31 11:05 - 2014-05-31 11:05 - 00000000 ____D () C:\FRST
2014-05-31 11:04 - 2014-05-31 11:04 - 02066944 _____ (Farbar) C:\Users\Tobias Pomper\Downloads\FRST64.exe
2014-05-30 18:06 - 2014-05-30 18:06 - 00720896 _____ () C:\Users\Tobias Pomper\Downloads\SDM_DE.msi
2014-05-30 17:21 - 2014-05-30 17:21 - 04892480 _____ (WinZip International LLC ) C:\Users\Tobias Pomper\Downloads\wzmp_8.exe
2014-05-27 19:30 - 2014-05-27 19:36 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-27 19:28 - 2014-05-27 19:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias Pomper\Downloads\revosetup95.exe
2014-05-26 18:57 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-26 18:57 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-26 01:28 - 2014-05-26 01:28 - 00003096 _____ () C:\{7CDF8E62-53B7-4CDD-A435-A6F5D96C710F}
2014-05-25 22:40 - 2014-05-25 22:40 - 00002184 _____ () C:\{CA8847FC-8664-40B7-8B83-EED31ECD73C4}
2014-05-25 20:04 - 2014-05-25 20:05 - 28033792 _____ (NVIDIA Corporation) C:\Users\Tobias Pomper\Downloads\GeForce_Experience_v2.0.1.0.exe
2014-05-25 18:21 - 2014-05-25 18:22 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\DropboxMaster
2014-05-25 18:21 - 2014-05-25 18:21 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-25 18:19 - 2014-05-25 18:22 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Dropbox
2014-05-25 18:09 - 2014-05-25 18:09 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\AVAST Software
2014-05-25 18:03 - 2014-05-25 18:03 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-25 18:03 - 2014-05-25 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-25 18:02 - 2014-05-31 10:59 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-25 18:00 - 2014-05-25 18:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-25 18:00 - 2014-05-25 18:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-25 18:00 - 2014-05-25 18:03 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-25 18:00 - 2014-05-25 17:59 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401033815049
2014-05-25 18:00 - 2014-05-25 17:59 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401033815049
2014-05-25 18:00 - 2014-05-25 17:59 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-25 18:00 - 2014-05-25 17:59 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-25 18:00 - 2014-05-25 17:59 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-25 18:00 - 2014-05-25 17:59 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-25 18:00 - 2014-05-25 17:59 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-25 18:00 - 2014-05-25 17:59 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-25 17:59 - 2014-05-25 17:59 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-25 17:58 - 2014-05-25 17:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-25 17:57 - 2014-05-25 17:57 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-25 17:56 - 2014-05-25 17:57 - 94714880 _____ (AVAST Software) C:\Users\Tobias Pomper\Downloads\avast_free_antivirus_setup_21514.exe
2014-05-25 17:09 - 2014-05-25 17:09 - 00000000 _____ () C:\autoexec.bat
2014-05-25 17:08 - 2014-05-25 17:09 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-25 17:08 - 2014-05-25 17:08 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-05-25 17:08 - 2014-05-25 17:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-25 17:08 - 2014-05-25 17:08 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-05-25 17:07 - 2014-05-25 18:06 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-25 17:06 - 2014-05-25 17:06 - 07401104 _____ (TeamViewer GmbH) C:\Users\Tobias Pomper\Downloads\TeamViewer_9.0.28223.exe
2014-05-25 17:03 - 2014-05-25 17:03 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias Pomper\Downloads\SpyHunter-Installer.exe
2014-05-25 16:57 - 2014-05-25 16:57 - 00000000 ____D () C:\ProgramData\Systweak
2014-05-25 16:26 - 2014-05-25 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-25 16:26 - 2014-05-25 16:26 - 00000000 ____D () C:\ProgramData\Avira
2014-05-25 16:26 - 2014-05-25 16:26 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-25 16:25 - 2014-05-30 17:53 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Nico Mak Computing
2014-05-25 16:24 - 2014-05-25 16:48 - 00000000 ____D () C:\Program Files (x86)\WinZip Registry Optimizer
2014-05-25 16:24 - 2014-05-25 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
2014-05-25 16:16 - 2014-05-25 16:16 - 00000184 _____ () C:\Users\Tobias Pomper\Downloads\100294661420 (1).sdx
2014-05-25 14:14 - 2014-05-25 16:33 - 3100693178 _____ () C:\Users\Tobias Pomper\Downloads\German_Windows_7_Ultimate_SP1_W64_X17-59455.sdc
2014-05-25 14:13 - 2014-05-25 16:33 - 00043850 _____ () C:\Users\Tobias Pomper\Downloads\SecureDownloadManager.log
2014-05-25 14:13 - 2014-05-25 14:13 - 00000184 _____ () C:\Users\Tobias Pomper\Downloads\100294661420.sdx
2014-05-25 14:13 - 2014-05-25 14:13 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\e-academy Inc
2014-05-25 14:13 - 2014-05-25 14:13 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\e-academy Inc
2014-05-24 15:45 - 2014-05-24 15:45 - 18816968 _____ (Bitberry Software ) C:\Users\Tobias Pomper\Downloads\FreeFileViewerSetup [1].exe
2014-05-24 15:45 - 2014-05-24 15:45 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\WorldofTanks
2014-05-24 15:45 - 2014-05-24 15:45 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\WorldofTanks
2014-05-24 15:44 - 2014-05-31 07:58 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-05-24 15:44 - 2014-05-30 15:01 - 00000292 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-24 15:44 - 2014-05-25 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-05-24 15:44 - 2014-05-25 16:54 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-05-24 15:44 - 2014-05-24 15:44 - 00711776 _____ ( ) C:\Users\Tobias Pomper\Downloads\FreeFileViewerSetup.exe
2014-05-24 15:44 - 2014-05-24 15:44 - 00003072 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-05-24 15:44 - 2014-05-24 15:44 - 00002916 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-05-24 15:44 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-05-24 15:43 - 2014-05-28 15:43 - 00000300 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-24 15:43 - 2014-05-26 18:25 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-05-24 15:43 - 2014-05-25 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-05-24 15:43 - 2014-05-24 15:43 - 04318040 _____ (Systweak Inc ) C:\Users\Tobias Pomper\Downloads\sysrc_trial_25044.exe
2014-05-24 15:38 - 2014-05-26 06:27 - 00000000 ____D () C:\ProgramData\CostMin
2014-05-24 15:38 - 2014-05-25 18:04 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Torch
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Packages
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Comodo
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Chromatic Browser
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\ProgramData\f9d1dd67384e9722
2014-05-24 15:36 - 2014-05-24 15:37 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Prompt Downloader
2014-05-24 15:36 - 2014-05-24 15:36 - 25819784 _____ (promptdownloader.com) C:\Users\Tobias Pomper\Downloads\PromptDownloader.exe
2014-05-24 15:36 - 2014-05-24 15:36 - 00000000 ____D () C:\ProgramData\Registry Helper
2014-05-24 15:33 - 2014-05-26 06:27 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\3891
2014-05-24 15:33 - 2014-05-25 16:52 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\InetStat
2014-05-24 15:33 - 2014-05-24 15:34 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-24 15:27 - 2014-05-24 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-24 15:26 - 2014-05-24 15:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-24 15:25 - 2014-05-24 15:25 - 00000229 _____ () C:\Users\Tobias Pomper\Downloads\CLASH OF CLANS ACTIVATION CODE.txt
2014-05-24 15:24 - 2014-05-24 15:24 - 00349160 _____ () C:\Users\Tobias Pomper\Downloads\MediaPlayerClassic.exe
2014-05-23 23:18 - 2014-05-23 23:18 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\BitTorrent Sync
2014-05-21 19:39 - 2014-05-21 19:39 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-05-21 19:39 - 2014-05-21 19:39 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-05-21 19:38 - 2014-05-21 19:38 - 00000000 ____D () C:\ProgramData\APN
2014-05-21 19:37 - 2014-05-23 20:08 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\.minecraft
2014-05-21 19:37 - 2014-05-21 19:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-21 19:36 - 2014-05-21 19:36 - 00000000 ____D () C:\ProgramData\Sun
2014-05-21 19:35 - 2014-05-21 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-21 19:35 - 2014-05-21 19:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-21 19:35 - 2014-05-21 19:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-21 19:35 - 2014-05-21 19:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-21 19:35 - 2014-05-21 19:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-21 19:34 - 2014-05-21 19:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-21 19:33 - 2014-05-21 19:33 - 00675988 _____ () C:\Users\Tobias Pomper\Desktop\Minecraft.exe
2014-05-19 19:30 - 2014-05-19 19:30 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\CDWLauncher
2014-05-19 19:25 - 2014-05-19 19:28 - 00000000 ____D () C:\7f92c9e1a2cdf75bbf2ab9440f5bfb2e
2014-05-19 19:03 - 2014-05-19 19:03 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\Chivalry Medieval Warfare.url
2014-05-19 19:03 - 2014-05-19 19:03 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\Chivalry Medieval Warfare Beta.url
2014-05-19 18:35 - 2014-05-19 18:36 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\PlanetSide 2.url
2014-05-18 19:12 - 2014-05-18 19:12 - 08131992 _____ () C:\Users\Tobias Pomper\Downloads\VioVideoConverterSetup (1).exe
2014-05-18 19:12 - 2014-05-18 19:12 - 00000071 _____ () C:\ioVIO.ini
2014-05-18 19:12 - 2014-05-18 19:12 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\TempImages
2014-05-18 19:12 - 2014-05-18 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VioVideoConverter
2014-05-18 19:09 - 2014-05-18 19:09 - 01295295 _____ (Clash of Clans ) C:\Users\Tobias Pomper\Downloads\Clash of Clans Ultimate Hack Tool Android & IOS v.2.3.exe
2014-05-18 19:06 - 2014-05-26 06:58 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-18 19:06 - 2014-05-18 19:08 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-05-18 19:06 - 2014-05-18 19:06 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\SupTab
2014-05-18 19:06 - 2014-05-18 19:06 - 00000000 ____D () C:\ProgramData\WPM
2014-05-18 19:04 - 2014-05-25 16:52 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\systweak
2014-05-18 19:04 - 2012-12-10 12:01 - 00019896 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-05-18 19:01 - 2014-05-18 19:01 - 00000000 _____ () C:\end
2014-05-18 18:59 - 2014-05-18 18:59 - 00501520 _____ ( apps installer ) C:\Users\Tobias Pomper\Downloads\Clash Of Clans Hack 2014.exe
2014-05-18 18:01 - 2014-05-18 18:01 - 00001825 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-05-18 18:00 - 2014-05-25 16:48 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-05-18 18:00 - 2014-05-18 18:00 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-05-18 18:00 - 2014-05-18 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-05-18 18:00 - 2014-05-18 18:00 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-18 17:59 - 2014-05-18 18:06 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-05-18 17:59 - 2014-05-18 17:59 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Bluestacks
2014-05-18 17:58 - 2014-05-18 17:58 - 00961360 _____ (Chip Digital GmbH) C:\Users\Tobias Pomper\Downloads\BlueStacks App Player - CHIP-Downloader.exe
2014-05-17 20:30 - 2014-05-17 20:30 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\LEGO Interactive
2014-05-17 19:20 - 2014-05-17 19:20 - 00000000 ____D () C:\Program Files (x86)\Firefly Studios
2014-05-17 18:45 - 2014-05-17 18:45 - 00000474 _____ () C:\Windows\eReg.dat
2014-05-17 18:27 - 2014-05-17 18:27 - 00002010 _____ () C:\Users\Public\Desktop\BIONICLE TM.lnk
2014-05-17 18:26 - 2014-05-17 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Interactive
2014-05-17 18:26 - 2014-05-17 18:26 - 00000000 ____D () C:\Program Files (x86)\LEGO Interactive
2014-05-17 03:34 - 2014-05-17 03:34 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-17 03:12 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-17 03:12 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-17 03:05 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 03:05 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 03:05 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 03:05 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 03:05 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 03:05 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:26 - 2014-05-16 23:26 - 00000000 ____D () C:\Crash
2014-05-16 19:44 - 2014-05-16 19:44 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\SCE
2014-05-16 19:42 - 2014-05-16 19:42 - 00002558 _____ () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2014-05-16 19:40 - 2014-05-16 19:41 - 23968184 _____ () C:\Users\Tobias Pomper\Downloads\PS2_PSG_setup.exe
2014-05-16 17:47 - 2014-05-25 23:35 - 00013901 _____ () C:\Users\Tobias Pomper\Downloads\Windows+7+Loader+v2.1.1+by+Daz+(x86+&+x64).zip
2014-05-16 17:43 - 2014-05-16 17:43 - 00002702 _____ () C:\Users\Tobias Pomper\Downloads\legitcheck.hta
2014-05-16 16:51 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 16:51 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 16:51 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 16:51 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 16:51 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 16:51 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 16:51 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 16:51 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 16:51 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 16:51 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 16:51 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 16:51 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 16:51 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 16:51 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 16:51 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 16:51 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 16:51 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 16:51 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 16:51 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 16:51 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 16:51 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 16:51 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 16:51 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 16:51 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 16:51 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 16:51 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 16:51 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 16:51 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 16:51 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 16:51 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-16 16:50 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 16:50 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-10 11:56 - 2014-05-10 11:56 - 690662708 _____ () C:\Users\Tobias Pomper\Downloads\CSS_Content_Addon_(Dec2013) (1).rar
2014-05-10 11:44 - 2014-05-10 11:45 - 65812970 _____ () C:\Users\Tobias Pomper\Downloads\Slender_v0_9_7.zip
2014-05-10 11:42 - 2014-05-10 11:46 - 96987764 _____ () C:\Users\Tobias Pomper\Downloads\Vanish_a0.2a.zip
2014-05-10 11:37 - 2014-05-10 11:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-05-08 21:43 - 2014-05-08 21:43 - 00000221 _____ () C:\Users\Tobias Pomper\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
2014-05-08 03:00 - 2014-05-18 08:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-04 11:03 - 2014-05-04 11:03 - 00000700 _____ () C:\Users\Tobias Pomper\Desktop\Empire Total War - Verknüpfung.lnk
2014-05-03 16:41 - 2014-05-10 19:45 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\NVIDIA
2014-05-03 15:37 - 2014-05-03 15:37 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\WarThunder
2014-05-03 15:37 - 2014-05-03 15:37 - 00000000 ____D () C:\ProgramData\WarThunder
2014-05-03 15:36 - 2014-05-19 19:30 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\My Games
2014-05-03 15:36 - 2014-05-17 16:42 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-05-03 15:36 - 2014-05-03 15:36 - 00001101 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-05-03 15:36 - 2014-05-03 15:36 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-05-03 15:35 - 2014-05-03 15:36 - 04131040 _____ (Gaijin Entertainment ) C:\Users\Tobias Pomper\Downloads\wt_launcher_1.0.1.355.exe
2014-05-03 15:31 - 2014-05-03 15:31 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\Total War ROME II.url
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-05-02 10:35 - 2014-05-02 10:35 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\StunlockStudios
2014-05-02 10:33 - 2014-05-02 17:59 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\ArmA 2 OA
2014-05-02 10:18 - 2014-05-02 10:18 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\Dead Island Epidemic.url
2014-05-02 10:18 - 2014-05-02 10:18 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\DayZCommander
2014-05-02 10:17 - 2014-05-02 10:17 - 00001336 _____ () C:\Users\Public\Desktop\DayZ Commander.lnk
2014-05-02 10:17 - 2014-05-02 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dotjosh Studios
2014-05-02 10:17 - 2014-05-02 10:17 - 00000000 ____D () C:\Program Files (x86)\Dotjosh Studios
2014-05-02 10:16 - 2014-05-02 10:16 - 02945024 _____ () C:\Users\Tobias Pomper\Downloads\Dotjosh.DayZCommander.Installer.msi
2014-05-02 10:10 - 2014-05-23 21:20 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\ArmA 2
2014-05-02 10:10 - 2014-05-22 18:33 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\ArmA 2
2014-05-02 10:10 - 2014-05-02 10:34 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-02 10:10 - 2014-05-02 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-02 09:38 - 2014-05-02 09:38 - 00000221 _____ () C:\Users\Tobias Pomper\Desktop\Arma 2.url
2014-05-01 23:23 - 2014-05-01 23:23 - 00000000 __SHD () C:\Users\Tobias Pomper\AppData\Local\EmieUserList
2014-05-01 23:23 - 2014-05-01 23:23 - 00000000 __SHD () C:\Users\Tobias Pomper\AppData\Local\EmieSiteList
2014-05-01 16:20 - 2014-05-01 16:20 - 00002230 _____ () C:\Users\Public\Desktop\Barbarian Invasion.lnk
2014-05-01 16:20 - 2014-05-01 16:20 - 00002207 _____ () C:\Users\Public\Desktop\Rome - Total War.lnk
2014-05-01 16:20 - 2014-05-01 16:20 - 00000996 _____ () C:\Users\Tobias Pomper\Desktop\GameSpy Arcade.lnk
2014-05-01 16:20 - 2014-05-01 16:20 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-01 16:00 - 2014-05-25 16:54 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2014-05-01 16:00 - 2014-05-25 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-05-01 15:55 - 2014-05-01 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War

==================== One Month Modified Files and Folders =======

2014-05-31 11:05 - 2014-05-31 11:05 - 00022846 _____ () C:\Users\Tobias Pomper\Downloads\FRST.txt
2014-05-31 11:05 - 2014-05-31 11:05 - 00000000 ____D () C:\FRST
2014-05-31 11:05 - 2014-04-10 18:55 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Temp
2014-05-31 11:04 - 2014-05-31 11:04 - 02066944 _____ (Farbar) C:\Users\Tobias Pomper\Downloads\FRST64.exe
2014-05-31 10:59 - 2014-05-25 18:02 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-31 10:59 - 2014-04-10 18:58 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-31 10:19 - 2009-07-14 06:45 - 00018912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 10:19 - 2009-07-14 06:45 - 00018912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 08:05 - 2014-04-11 17:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-31 07:58 - 2014-05-24 15:44 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-05-31 07:57 - 2014-04-11 21:55 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\TS3Client
2014-05-31 07:53 - 2009-07-14 06:51 - 00031894 _____ () C:\Windows\setupact.log
2014-05-31 07:51 - 2014-04-11 18:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-31 07:51 - 2014-04-10 18:58 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-31 07:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-30 18:49 - 2014-04-11 00:43 - 01712959 _____ () C:\Windows\WindowsUpdate.log
2014-05-30 18:06 - 2014-05-30 18:06 - 00720896 _____ () C:\Users\Tobias Pomper\Downloads\SDM_DE.msi
2014-05-30 17:53 - 2014-05-25 16:25 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Nico Mak Computing
2014-05-30 17:21 - 2014-05-30 17:21 - 04892480 _____ (WinZip International LLC ) C:\Users\Tobias Pomper\Downloads\wzmp_8.exe
2014-05-30 15:01 - 2014-05-24 15:44 - 00000292 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-30 14:28 - 2014-04-11 21:10 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Arma 3
2014-05-28 15:45 - 2014-04-12 02:00 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\CrashDumps
2014-05-28 15:43 - 2014-05-24 15:43 - 00000300 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-27 22:30 - 2014-04-11 08:30 - 00176060 _____ () C:\Windows\PFRO.log
2014-05-27 19:36 - 2014-05-27 19:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-27 19:29 - 2014-05-27 19:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias Pomper\Downloads\revosetup95.exe
2014-05-27 16:52 - 2014-04-10 18:56 - 00000000 ___RD () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 19:03 - 2014-04-11 18:35 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\NVIDIA Corporation
2014-05-26 18:25 - 2014-05-24 15:43 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-05-26 06:58 - 2014-05-18 19:06 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-26 06:27 - 2014-05-24 15:38 - 00000000 ____D () C:\ProgramData\CostMin
2014-05-26 06:27 - 2014-05-24 15:33 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\3891
2014-05-26 01:28 - 2014-05-26 01:28 - 00003096 _____ () C:\{7CDF8E62-53B7-4CDD-A435-A6F5D96C710F}
2014-05-25 23:35 - 2014-05-16 17:47 - 00013901 _____ () C:\Users\Tobias Pomper\Downloads\Windows+7+Loader+v2.1.1+by+Daz+(x86+&+x64).zip
2014-05-25 22:40 - 2014-05-25 22:40 - 00002184 _____ () C:\{CA8847FC-8664-40B7-8B83-EED31ECD73C4}
2014-05-25 20:51 - 2009-07-14 06:45 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-25 20:05 - 2014-05-25 20:04 - 28033792 _____ (NVIDIA Corporation) C:\Users\Tobias Pomper\Downloads\GeForce_Experience_v2.0.1.0.exe
2014-05-25 18:22 - 2014-05-25 18:21 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\DropboxMaster
2014-05-25 18:22 - 2014-05-25 18:19 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Dropbox
2014-05-25 18:21 - 2014-05-25 18:21 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-25 18:09 - 2014-05-25 18:09 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\AVAST Software
2014-05-25 18:06 - 2014-05-25 17:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-25 18:04 - 2014-05-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-05-25 18:03 - 2014-05-25 18:03 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-25 18:03 - 2014-05-25 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-25 18:03 - 2014-05-25 18:00 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-25 18:03 - 2014-05-25 18:00 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-25 18:03 - 2014-05-25 18:00 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-25 17:59 - 2014-05-25 18:00 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401033815049
2014-05-25 17:59 - 2014-05-25 18:00 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401033815049
2014-05-25 17:59 - 2014-05-25 18:00 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-25 17:59 - 2014-05-25 18:00 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-25 17:59 - 2014-05-25 18:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-25 17:59 - 2014-05-25 18:00 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-25 17:59 - 2014-05-25 18:00 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-25 17:59 - 2014-05-25 18:00 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-25 17:59 - 2014-05-25 17:59 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-25 17:58 - 2014-05-25 17:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-25 17:57 - 2014-05-25 17:57 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-25 17:57 - 2014-05-25 17:56 - 94714880 _____ (AVAST Software) C:\Users\Tobias Pomper\Downloads\avast_free_antivirus_setup_21514.exe
2014-05-25 17:57 - 2014-04-12 21:12 - 00058016 _____ () C:\Users\Tobias Pomper\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-25 17:09 - 2014-05-25 17:09 - 00000000 _____ () C:\autoexec.bat
2014-05-25 17:09 - 2014-05-25 17:08 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-25 17:08 - 2014-05-25 17:08 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-05-25 17:08 - 2014-05-25 17:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-25 17:08 - 2014-05-25 17:08 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-05-25 17:06 - 2014-05-25 17:06 - 07401104 _____ (TeamViewer GmbH) C:\Users\Tobias Pomper\Downloads\TeamViewer_9.0.28223.exe
2014-05-25 17:03 - 2014-05-25 17:03 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias Pomper\Downloads\SpyHunter-Installer.exe
2014-05-25 16:57 - 2014-05-25 16:57 - 00000000 ____D () C:\ProgramData\Systweak
2014-05-25 16:55 - 2014-04-10 18:55 - 00000000 ____D () C:\Users\Tobias Pomper
2014-05-25 16:54 - 2014-05-24 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-05-25 16:54 - 2014-05-24 15:44 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-05-25 16:54 - 2014-05-24 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-05-25 16:54 - 2014-05-01 16:00 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2014-05-25 16:52 - 2014-05-24 15:33 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\InetStat
2014-05-25 16:52 - 2014-05-18 19:04 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\systweak
2014-05-25 16:52 - 2014-05-01 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-05-25 16:52 - 2014-04-13 23:34 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\DayZ
2014-05-25 16:52 - 2014-04-11 21:11 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\Arma 3
2014-05-25 16:52 - 2014-04-10 19:15 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-25 16:52 - 2014-04-10 19:11 - 00000000 ____D () C:\ProgramData\Norton
2014-05-25 16:48 - 2014-05-25 16:24 - 00000000 ____D () C:\Program Files (x86)\WinZip Registry Optimizer
2014-05-25 16:48 - 2014-05-18 18:00 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-05-25 16:48 - 2014-04-10 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-25 16:47 - 2014-05-25 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-25 16:47 - 2014-04-12 01:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-25 16:47 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-25 16:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-25 16:33 - 2014-05-25 14:14 - 3100693178 _____ () C:\Users\Tobias Pomper\Downloads\German_Windows_7_Ultimate_SP1_W64_X17-59455.sdc
2014-05-25 16:33 - 2014-05-25 14:13 - 00043850 _____ () C:\Users\Tobias Pomper\Downloads\SecureDownloadManager.log
2014-05-25 16:26 - 2014-05-25 16:26 - 00000000 ____D () C:\ProgramData\Avira
2014-05-25 16:26 - 2014-05-25 16:26 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-25 16:25 - 2014-05-25 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
2014-05-25 16:16 - 2014-05-25 16:16 - 00000184 _____ () C:\Users\Tobias Pomper\Downloads\100294661420 (1).sdx
2014-05-25 14:13 - 2014-05-25 14:13 - 00000184 _____ () C:\Users\Tobias Pomper\Downloads\100294661420.sdx
2014-05-25 14:13 - 2014-05-25 14:13 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\e-academy Inc
2014-05-25 14:13 - 2014-05-25 14:13 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\e-academy Inc
2014-05-24 15:45 - 2014-05-24 15:45 - 18816968 _____ (Bitberry Software ) C:\Users\Tobias Pomper\Downloads\FreeFileViewerSetup [1].exe
2014-05-24 15:45 - 2014-05-24 15:45 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\WorldofTanks
2014-05-24 15:45 - 2014-05-24 15:45 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\WorldofTanks
2014-05-24 15:44 - 2014-05-24 15:44 - 00711776 _____ ( ) C:\Users\Tobias Pomper\Downloads\FreeFileViewerSetup.exe
2014-05-24 15:44 - 2014-05-24 15:44 - 00003072 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-05-24 15:44 - 2014-05-24 15:44 - 00002916 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-05-24 15:43 - 2014-05-24 15:43 - 04318040 _____ (Systweak Inc ) C:\Users\Tobias Pomper\Downloads\sysrc_trial_25044.exe
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Torch
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Packages
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Comodo
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Chromatic Browser
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Gast
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\Users\Administrator
2014-05-24 15:38 - 2014-05-24 15:38 - 00000000 ____D () C:\ProgramData\f9d1dd67384e9722
2014-05-24 15:38 - 2014-04-10 18:58 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Google
2014-05-24 15:37 - 2014-05-24 15:36 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Prompt Downloader
2014-05-24 15:36 - 2014-05-24 15:36 - 25819784 _____ (promptdownloader.com) C:\Users\Tobias Pomper\Downloads\PromptDownloader.exe
2014-05-24 15:36 - 2014-05-24 15:36 - 00000000 ____D () C:\ProgramData\Registry Helper
2014-05-24 15:34 - 2014-05-24 15:33 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-24 15:27 - 2014-05-24 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-24 15:26 - 2014-05-24 15:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-24 15:25 - 2014-05-24 15:25 - 00000229 _____ () C:\Users\Tobias Pomper\Downloads\CLASH OF CLANS ACTIVATION CODE.txt
2014-05-24 15:24 - 2014-05-24 15:24 - 00349160 _____ () C:\Users\Tobias Pomper\Downloads\MediaPlayerClassic.exe
2014-05-24 07:56 - 2014-04-12 01:59 - 00001384 _____ () C:\Users\Tobias Pomper\AppData\Roaming\BreakingPoint_Options.ini
2014-05-23 23:18 - 2014-05-23 23:18 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\BitTorrent Sync
2014-05-23 23:18 - 2014-04-12 01:37 - 00000000 ____D () C:\Breaking Point
2014-05-23 23:15 - 2014-04-12 01:59 - 00000297 _____ () C:\Users\Tobias Pomper\AppData\Roaming\BreakingPoint_Login.ini
2014-05-23 21:20 - 2014-05-02 10:10 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\ArmA 2
2014-05-23 21:02 - 2014-04-13 23:34 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\DayZ
2014-05-23 20:08 - 2014-05-21 19:37 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\.minecraft
2014-05-23 16:01 - 2014-04-10 18:59 - 00002377 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 18:33 - 2014-05-02 10:10 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\ArmA 2
2014-05-21 19:39 - 2014-05-21 19:39 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-05-21 19:39 - 2014-05-21 19:39 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-05-21 19:38 - 2014-05-21 19:38 - 00000000 ____D () C:\ProgramData\APN
2014-05-21 19:37 - 2014-05-21 19:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-21 19:36 - 2014-05-21 19:36 - 00000000 ____D () C:\ProgramData\Sun
2014-05-21 19:35 - 2014-05-21 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-21 19:34 - 2014-05-21 19:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-21 19:34 - 2014-05-21 19:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-21 19:34 - 2014-05-21 19:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-21 19:34 - 2014-05-21 19:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-21 19:34 - 2014-05-21 19:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-21 19:33 - 2014-05-21 19:33 - 00675988 _____ () C:\Users\Tobias Pomper\Desktop\Minecraft.exe
2014-05-21 15:06 - 2014-04-22 09:19 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-21 15:06 - 2014-04-22 09:18 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-21 15:05 - 2014-04-22 01:52 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\Infestation Survivor Stories
2014-05-19 21:05 - 2014-04-11 21:08 - 00116391 _____ () C:\Windows\DirectX.log
2014-05-19 19:30 - 2014-05-19 19:30 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\CDWLauncher
2014-05-19 19:30 - 2014-05-03 15:36 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\My Games
2014-05-19 19:28 - 2014-05-19 19:25 - 00000000 ____D () C:\7f92c9e1a2cdf75bbf2ab9440f5bfb2e
2014-05-19 19:03 - 2014-05-19 19:03 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\Chivalry Medieval Warfare.url
2014-05-19 19:03 - 2014-05-19 19:03 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\Chivalry Medieval Warfare Beta.url
2014-05-19 19:03 - 2014-04-11 18:47 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-19 18:36 - 2014-05-19 18:35 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\PlanetSide 2.url
2014-05-18 19:12 - 2014-05-18 19:12 - 08131992 _____ () C:\Users\Tobias Pomper\Downloads\VioVideoConverterSetup (1).exe
2014-05-18 19:12 - 2014-05-18 19:12 - 00000071 _____ () C:\ioVIO.ini
2014-05-18 19:12 - 2014-05-18 19:12 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\TempImages
2014-05-18 19:12 - 2014-05-18 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VioVideoConverter
2014-05-18 19:09 - 2014-05-18 19:09 - 01295295 _____ (Clash of Clans ) C:\Users\Tobias Pomper\Downloads\Clash of Clans Ultimate Hack Tool Android & IOS v.2.3.exe
2014-05-18 19:08 - 2014-05-18 19:06 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-05-18 19:06 - 2014-05-18 19:06 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\SupTab
2014-05-18 19:06 - 2014-05-18 19:06 - 00000000 ____D () C:\ProgramData\WPM
2014-05-18 19:05 - 2014-04-12 08:12 - 00001635 _____ () C:\Users\Tobias Pomper\Desktop\Internet Explorer.lnk
2014-05-18 19:01 - 2014-05-18 19:01 - 00000000 _____ () C:\end
2014-05-18 18:59 - 2014-05-18 18:59 - 00501520 _____ ( apps installer ) C:\Users\Tobias Pomper\Downloads\Clash Of Clans Hack 2014.exe
2014-05-18 18:06 - 2014-05-18 17:59 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-05-18 18:01 - 2014-05-18 18:01 - 00001825 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-05-18 18:01 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-18 18:00 - 2014-05-18 18:00 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-05-18 18:00 - 2014-05-18 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-05-18 18:00 - 2014-05-18 18:00 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-18 17:59 - 2014-05-18 17:59 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\Bluestacks
2014-05-18 17:58 - 2014-05-18 17:58 - 00961360 _____ (Chip Digital GmbH) C:\Users\Tobias Pomper\Downloads\BlueStacks App Player - CHIP-Downloader.exe
2014-05-18 08:02 - 2014-05-08 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 20:30 - 2014-05-17 20:30 - 00000000 ____D () C:\Users\Tobias Pomper\Documents\LEGO Interactive
2014-05-17 19:20 - 2014-05-17 19:20 - 00000000 ____D () C:\Program Files (x86)\Firefly Studios
2014-05-17 18:45 - 2014-05-17 18:45 - 00000474 _____ () C:\Windows\eReg.dat
2014-05-17 18:27 - 2014-05-17 18:27 - 00002010 _____ () C:\Users\Public\Desktop\BIONICLE TM.lnk
2014-05-17 18:26 - 2014-05-17 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Interactive
2014-05-17 18:26 - 2014-05-17 18:26 - 00000000 ____D () C:\Program Files (x86)\LEGO Interactive
2014-05-17 16:42 - 2014-05-03 15:36 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-05-17 09:01 - 2014-04-10 18:56 - 00000000 ___RD () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 04:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-17 03:34 - 2014-05-17 03:34 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-17 03:28 - 2014-04-10 19:12 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-17 03:28 - 2014-04-10 19:12 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-17 03:28 - 2014-04-10 19:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-17 03:28 - 2014-04-10 19:11 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-16 23:26 - 2014-05-16 23:26 - 00000000 ____D () C:\Crash
2014-05-16 20:21 - 2014-04-22 01:53 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-16 19:44 - 2014-05-16 19:44 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\SCE
2014-05-16 19:42 - 2014-05-16 19:42 - 00002558 _____ () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2014-05-16 19:42 - 2014-04-22 01:53 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-05-16 19:41 - 2014-05-16 19:40 - 23968184 _____ () C:\Users\Tobias Pomper\Downloads\PS2_PSG_setup.exe
2014-05-16 17:43 - 2014-05-16 17:43 - 00002702 _____ () C:\Users\Tobias Pomper\Downloads\legitcheck.hta
2014-05-16 17:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-10 19:45 - 2014-05-03 16:41 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\NVIDIA
2014-05-10 11:56 - 2014-05-10 11:56 - 690662708 _____ () C:\Users\Tobias Pomper\Downloads\CSS_Content_Addon_(Dec2013) (1).rar
2014-05-10 11:46 - 2014-05-10 11:42 - 96987764 _____ () C:\Users\Tobias Pomper\Downloads\Vanish_a0.2a.zip
2014-05-10 11:45 - 2014-05-10 11:44 - 65812970 _____ () C:\Users\Tobias Pomper\Downloads\Slender_v0_9_7.zip
2014-05-10 11:40 - 2009-07-14 19:58 - 00699318 _____ () C:\Windows\system32\perfh007.dat
2014-05-10 11:40 - 2009-07-14 19:58 - 00149458 _____ () C:\Windows\system32\perfc007.dat
2014-05-10 11:40 - 2009-07-14 07:13 - 01620196 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-10 11:37 - 2014-05-10 11:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-05-10 09:38 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-09 08:14 - 2014-05-17 03:12 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-17 03:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 21:43 - 2014-05-08 21:43 - 00000221 _____ () C:\Users\Tobias Pomper\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
2014-05-08 17:39 - 2014-04-22 09:18 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-08 13:21 - 2014-04-11 15:54 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Google
2014-05-08 02:54 - 2014-04-10 18:58 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 02:54 - 2014-04-10 18:58 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 06:40 - 2014-05-17 03:05 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-17 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-17 03:05 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-17 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-17 03:05 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-17 03:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 11:03 - 2014-05-04 11:03 - 00000700 _____ () C:\Users\Tobias Pomper\Desktop\Empire Total War - Verknüpfung.lnk
2014-05-04 00:53 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-03 15:37 - 2014-05-03 15:37 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\WarThunder
2014-05-03 15:37 - 2014-05-03 15:37 - 00000000 ____D () C:\ProgramData\WarThunder
2014-05-03 15:36 - 2014-05-03 15:36 - 00001101 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-05-03 15:36 - 2014-05-03 15:36 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-05-03 15:36 - 2014-05-03 15:35 - 04131040 _____ (Gaijin Entertainment ) C:\Users\Tobias Pomper\Downloads\wt_launcher_1.0.1.355.exe
2014-05-03 15:31 - 2014-05-03 15:31 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\Total War ROME II.url
2014-05-02 17:59 - 2014-05-02 10:33 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\ArmA 2 OA
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-05-02 10:35 - 2014-05-02 10:35 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\StunlockStudios
2014-05-02 10:34 - 2014-05-02 10:10 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-02 10:18 - 2014-05-02 10:18 - 00000222 _____ () C:\Users\Tobias Pomper\Desktop\Dead Island Epidemic.url
2014-05-02 10:18 - 2014-05-02 10:18 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\DayZCommander
2014-05-02 10:17 - 2014-05-02 10:17 - 00001336 _____ () C:\Users\Public\Desktop\DayZ Commander.lnk
2014-05-02 10:17 - 2014-05-02 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dotjosh Studios
2014-05-02 10:17 - 2014-05-02 10:17 - 00000000 ____D () C:\Program Files (x86)\Dotjosh Studios
2014-05-02 10:16 - 2014-05-02 10:16 - 02945024 _____ () C:\Users\Tobias Pomper\Downloads\Dotjosh.DayZCommander.Installer.msi
2014-05-02 10:10 - 2014-05-02 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-02 09:38 - 2014-05-02 09:38 - 00000221 _____ () C:\Users\Tobias Pomper\Desktop\Arma 2.url
2014-05-01 23:23 - 2014-05-01 23:23 - 00000000 __SHD () C:\Users\Tobias Pomper\AppData\Local\EmieUserList
2014-05-01 23:23 - 2014-05-01 23:23 - 00000000 __SHD () C:\Users\Tobias Pomper\AppData\Local\EmieSiteList
2014-05-01 20:39 - 2014-04-10 18:55 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Local\VirtualStore
2014-05-01 16:20 - 2014-05-01 16:20 - 00002230 _____ () C:\Users\Public\Desktop\Barbarian Invasion.lnk
2014-05-01 16:20 - 2014-05-01 16:20 - 00002207 _____ () C:\Users\Public\Desktop\Rome - Total War.lnk
2014-05-01 16:20 - 2014-05-01 16:20 - 00000996 _____ () C:\Users\Tobias Pomper\Desktop\GameSpy Arcade.lnk
2014-05-01 16:20 - 2014-05-01 16:20 - 00000000 ____D () C:\Users\Tobias Pomper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-01 15:55 - 2014-05-01 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War
2014-05-01 15:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

Some content of TEMP:
====================
C:\Users\Tobias Pomper\AppData\Local\Temp\APNSetup.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\comver.dll
C:\Users\Tobias Pomper\AppData\Local\Temp\downloader.dll
C:\Users\Tobias Pomper\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp368wob.dll
C:\Users\Tobias Pomper\AppData\Local\Temp\epom2_nationzoom_20131128171912.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\ICReinstall_FreeFileViewerSetup.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\nskFE04.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\nsm44A2.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\nsrDDC1.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\nsrE206.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\nsw4B95.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\SHSetup.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\SpeeDial.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\Uninstall.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\Uninstaller-4056.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\Uninstaller-5988.exe
C:\Users\Tobias Pomper\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 19:06

==================== End Of Log ============================
         
--- --- ---


And the Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by Tobias Pomper at 2014-05-31 11:06:14
Running from C:\Users\Tobias Pomper\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.30 - GIGABYTE)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13591 - Systweak Software) <==== ATTENTION
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{120EC191-78F8-CA89-3511-7E90C23F5261}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0806.1213.19931 - Ihr Firmenname) Hidden
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0A06}) (Version: 12.10.6.48 - APN, LLC) <==== ATTENTION
AutoGreen B12.1220.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.1220.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
BIONICLE (HKLM-x32\...\{B196519A-A2AC-443E-84D1-F336B4E8F304}) (Version: 1.00.000 - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
Catalyst Control Center (x32 Version: 2012.0806.1213.19931 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Chivalry: Medieval Warfare Beta (HKLM-x32\...\Steam App 232210) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Easy Tune 6 B13.0323.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.0323.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
InetStat (HKCU\...\InetStat) (Version: 0.4 - InetStat)
Infestation Survivor Stories version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - OP Productions LLC)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
ModifyRegistry version 0.1 (HKLM-x32\...\{1D5BE6B5-7FD4-4A78-90F2-AF6B53BC8C1C}_is1) (Version: 0.1 - VIA Technologies, Inc.)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.50 (Version: 337.50 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rome - Total War - Gold Edition (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.6 - The Creative Assembly)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}) (Version:  - Costmin) <==== ATTENTION
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
War Thunder Launcher 1.0.1.355 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Wargame: AirLand Battle (HKLM-x32\...\Steam App 222750) (Version:  - Eugen Systems)
Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version:  - Eugen Systems)
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
WPM18.8.0.304 (HKLM-x32\...\WPM) (Version: 18.8.0.304 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points  =========================

30-05-2014 16:06:35 Secure Download Manager wird installiert

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08BC4709-D892-4C7B-9B47-48C2E260A458} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {377B96C2-6B21-4CC8-9317-DA5EB520E8CC} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {3BA5946F-67B9-481A-A6B8-817666F2E4A5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation)
Task: {4D8409C5-34F8-46FF-A6C5-34C43FA3F3EE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-25] (AVAST Software)
Task: {6C02458F-A6D4-4101-B8C0-6AAF823991EF} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {7DEC8E1C-9372-4618-9816-336F0EECD117} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-10] (Google Inc.)
Task: {7EEB99BC-AA67-4F8F-B52A-48E5476DB67B} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-05-23] (Systweak) <==== ATTENTION
Task: {8F74F1A8-7E20-4A0A-9A85-63AAE73CC946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-10] (Google Inc.)
Task: {96D9C4F3-D7EF-4D0C-92D1-8B7F9E9C0C41} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {AF04F5B1-FD31-41F7-84BD-96C5F917E4A7} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-11 17:42 - 2014-03-27 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-24 15:33 - 2014-05-24 15:33 - 01259488 _____ () C:\Users\Tobias Pomper\AppData\Roaming\InetStat\inetstat.exe
2014-04-10 19:14 - 2012-08-09 12:55 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-04-10 19:14 - 2012-08-09 12:55 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-04-22 09:18 - 2014-04-22 09:18 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-24 15:34 - 2014-05-08 11:45 - 00018944 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 15:07 - 2014-02-28 15:07 - 00102344 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-02-28 15:07 - 2014-02-28 15:07 - 00108488 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 15:10 - 2014-02-28 15:10 - 00563656 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 15:10 - 2014-02-28 15:10 - 00577480 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Users\Tobias Pomper\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-05-03 15:31 - 2014-05-03 15:31 - 00038240 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\awesomium_process.exe
2014-05-30 13:44 - 2014-05-30 13:44 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14053000\algo.dll
2014-05-31 07:53 - 2014-05-31 07:53 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14053001\algo.dll
2014-05-24 15:44 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-05-24 15:44 - 2014-05-23 18:50 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-05-25 17:59 - 2014-05-25 17:59 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-24 15:34 - 2014-05-08 11:45 - 00061952 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\InstallerLibrary.dll
2014-05-24 15:34 - 2014-05-08 11:45 - 00016896 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\Installer.dll
2014-05-24 15:34 - 2014-05-31 07:53 - 00086528 _____ () C:\Program Files (x86)\MSR\Privoxy\mgwz.dll
2014-05-01 22:50 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll
2014-05-21 19:37 - 2014-04-30 02:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 16:21 - 2014-04-30 02:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 19:37 - 2014-04-30 02:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-04-11 18:01 - 2014-04-30 02:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-11 18:01 - 2014-05-17 03:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 19:37 - 2014-05-29 19:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 19:37 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-04-11 18:01 - 2014-05-29 19:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-04-11 18:01 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-04-11 18:01 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2014-04-11 18:01 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2014-04-11 18:01 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-05-03 15:31 - 2014-05-03 15:31 - 20645216 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\awesomium.dll
2014-05-03 15:31 - 2014-05-03 15:31 - 00891904 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\twitchsdk_32_release.dll
2014-05-03 15:31 - 2014-05-03 15:32 - 00394810 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\libmp3lame-ttv.dll
2014-05-03 15:32 - 2014-05-03 15:32 - 00113171 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\swresample-ttv-0.dll
2014-05-03 15:31 - 2014-05-03 15:31 - 00246332 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\avutil-ttv-51.dll
2014-04-11 18:01 - 2014-05-29 19:36 - 00359104 _____ () C:\Program Files (x86)\Steam\steam.dll
2014-05-27 19:08 - 2014-05-30 14:10 - 00059392 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\CALibsWinExt.zintelunityrelease.dll
2014-05-03 15:31 - 2014-05-03 15:31 - 01099632 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\avcodec-53.dll
2014-05-03 15:31 - 2014-05-03 15:31 - 00123248 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\avutil-51.dll
2014-05-03 15:31 - 2014-05-03 15:31 - 00190832 _____ () C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\avformat-53.dll
2014-05-23 16:01 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 16:01 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 16:01 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-23 16:01 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 16:01 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 16:01 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Audiocontroller für Multimedia
Description: Audiocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2014 06:49:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x501fefb5
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x78c
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (05/30/2014 02:17:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/30/2014 02:14:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x501fefb5
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x774
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (05/30/2014 01:41:34 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/28/2014 04:18:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x501fefb5
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (05/28/2014 04:12:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ChivLauncher.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d8c

Startzeit: 01cf7a7ecfd0c256

Endzeit: 31

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe

Berichts-ID: 1e25109f-e672-11e3-9a60-74d4350480a9

Error: (05/28/2014 04:01:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b40

Startzeit: 01cf7a7c294d66c8

Endzeit: 65

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe

Berichts-ID:

Error: (05/28/2014 03:45:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 12.4.67.0, Zeitstempel: 0x535fafd9
Name des fehlerhaften Moduls: nvapi.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5333479c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x628c8830
ID des fehlerhaften Prozesses: 0xb10
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3

Error: (05/28/2014 03:44:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9a4

Startzeit: 01cf7a7a8d7c1a64

Endzeit: 18

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 249ea9c0-e66e-11e3-9a60-74d4350480a9

Error: (05/28/2014 03:43:31 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (05/31/2014 07:53:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update webget" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/31/2014 07:51:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/31/2014 07:51:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD FUEL Service erreicht.

Error: (05/30/2014 06:50:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/30/2014 03:47:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (05/30/2014 02:27:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/30/2014 02:27:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/30/2014 02:21:27 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{3CAD3F9F-13C7-4CE3-9A5B-60631692CBA1}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (05/30/2014 02:20:43 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.

Error: (05/30/2014 02:20:43 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.


Microsoft Office Sessions:
=========================
Error: (05/30/2014 06:49:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c178c01cf7c00f280da67C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll6f4324ea-e81a-11e3-941d-74d4350480a9

Error: (05/30/2014 02:17:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/30/2014 02:14:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c177401cf7bfbd2dcb4e3C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dllf2ac58c0-e7f3-11e3-9a1e-74d4350480a9

Error: (05/30/2014 01:41:34 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/28/2014 04:18:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c179001cf7a7a829d71c6C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dllf4523493-e672-11e3-9a60-74d4350480a9

Error: (05/28/2014 04:12:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ChivLauncher.exe1.0.0.01d8c01cf7a7ecfd0c25631C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe1e25109f-e672-11e3-9a60-74d4350480a9

Error: (05/28/2014 04:01:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: hl2.exe0.0.0.0b4001cf7a7c294d66c865C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe

Error: (05/28/2014 03:45:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvBackend.exe12.4.67.0535fafd9nvapi.dll_unloaded0.0.0.05333479cc0000005628c8830b1001cf7a7a98c8424eC:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exenvapi.dll50ddea96-e66e-11e3-9a60-74d4350480a9

Error: (05/28/2014 03:44:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.175679a401cf7a7a8d7c1a6418C:\Windows\Explorer.EXE249ea9c0-e66e-11e3-9a60-74d4350480a9

Error: (05/28/2014 03:43:31 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 16348.63 MB
Available physical RAM: 10956.68 MB
Total Pagefile: 32695.43 MB
Available Pagefile: 25140.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:190.95 GB) NTFS
Drive d: (BIONICLE) (CDROM) (Total:0.68 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 01.06.2014, 14:56   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Uninstall adware & co.
  • Please download Revo Uninstaller from here.
  • Install and start the program.
  • In the Uninstaller field, look for the programs that under:

    have this addition:
  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderate" mode.
  • Delete leftovers:
    Click on then on and then on .

If you cannot find a program or cannot uninstall it, please continue with the next step:




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the threat scan and click Start scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
