Log analysis and evaluation: Removing Snap.do (Win 7 64-bit)
25.06.2013, 14:51 | #1
Removing Snap.do (Win 7 64-bit)
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2013 01 Ran by Drenalim at 2013-06-25 16:10:56 Running from C:\Users\Drenalim\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) AI Suite II (x32 Version: 1.02.27) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Assassin's Creed (R) III (x32 Version: 1.01) Avira Free Antivirus (x32 Version: 13.0.0.3640) BioShock Infinite Version 1.0 (x32 Version: 1.0) Bonjour (Version: 3.0.0.10) Call of Duty: Black Ops II - Multiplayer (x32) Curse Client (HKCU Version: 5.1.1.792) DAEMON Tools Lite (x32 Version: 4.47.1.0333) DmC Devil May Cry (x32) Fraps (x32) Google Chrome (x32 Version: 27.0.1453.116) Google Update Helper (x32 Version: 1.3.21.145) Intel(R) Network Connections 16.6.126.0 (Version: 16.6.126.0) iTunes (Version: 11.0.4.4) Java 7 Update 21 (x32 Version: 7.0.210) Java Auto Updater (x32 Version: 2.1.9.5) JDownloader 0.9 (x32 Version: 0.9) Metro 2033 (x32) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07) NVIDIA 3D Vision Treiber 
314.07 (Version: 314.07) NVIDIA Grafiktreiber 314.07 (Version: 314.07) NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA PhysX (x32 Version: 9.12.1031) NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407) NVIDIA Systemsteuerung 314.07 (Version: 314.07) NVIDIA Update 1.12.12 (Version: 1.12.12) NVIDIA Update Components (Version: 1.12.12) PunkBuster Services (x32 Version: 0.991) Qualcomm Atheros WiFi Driver Installation (x32 Version: 9.2) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6570) Resident Evil 6 (x32 Version: 1.0.5.153) Star Wars: The Old Republic (x32 Version: 1.00) StarCraft II (x32 Version: 2.0.4.24944) Steam (x32 Version: 1.0.0.0) SWF Opener (x32 Version: 1.3) TeamSpeak 3 Client (x32 Version: 3.0.10.1) The Witcher 2: Assassins of Kings Enhanced Edition (x32) Tomb Raider (x32) TortoiseSVN 1.7.11.23600 (64 bit) (Version: 1.7.23600) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Uplay (x32 Version: 2.0) VLC media player 2.0.6 (Version: 2.0.6) WinRAR 4.20 (64-Bit) (Version: 4.20.0) ==================== Restore Points ========================= 26-05-2013 16:48:00 Geplanter Prüfpunkt 05-06-2013 16:03:47 Geplanter Prüfpunkt 13-06-2013 22:19:13 Windows Update 16-06-2013 18:50:27 DirectX wurde installiert 16-06-2013 19:07:06 Windows Update 24-06-2013 14:09:09 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 24-06-2013 14:28:04 TuneUp Utilities 2013 wird entfernt 24-06-2013 14:28:19 TuneUp Utilities Language Pack (de-DE) wird entfernt ==================== Scheduled Tasks (whitelisted) ============= Task: {0D9877B0-9529-4D8F-8D9A-03BE0AB48EAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe [2013-01-28] (Google Inc.) Task: {1EA21CB5-5885-4A4F-B989-429483585AAA} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.) Task: {96017127-55E6-4762-AA46-24DADF3D37FC} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2012-03-01] (ASUSTeK Computer Inc.) Task: {C077BE0E-FE76-41CE-9D96-9E44A0B08B06} - System32\Tasks\DealPly => C:\Users\Drenalim\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE No File Task: {C6A476AD-51D5-4E27-8884-EF907F12589C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {F08022C1-F850-4458-8044-AFF9BF6D847A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Faulty Device Manager Devices ============= Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (06/25/2013 04:01:10 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Name des fehlerhaften Moduls: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Ausnahmecode: 0x40000015 Fehleroffset: 0x0001923a ID des fehlerhaften Prozesses: 0x794 Startzeit der fehlerhaften Anwendung: 0xAsDLNAServerReal.exe0 Pfad der fehlerhaften Anwendung: AsDLNAServerReal.exe1 Pfad des fehlerhaften Moduls: AsDLNAServerReal.exe2 Berichtskennung: AsDLNAServerReal.exe3 Error: (06/25/2013 03:54:42 PM) (Source: Application Hang) (User: ) Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1594 Startzeit: 01ce71ab25f30f95 Endzeit: 2 Anwendungspfad: C:\Users\Drenalim\Desktop\OTL.exe Berichts-ID: Error: (06/24/2013 05:15:27 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (06/18/2013 10:11:25 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (06/16/2013 06:21:40 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (06/13/2013 07:40:00 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Name des fehlerhaften Moduls: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Ausnahmecode: 0x40000015 Fehleroffset: 0x0001923a ID des fehlerhaften Prozesses: 0xfb0 Startzeit der fehlerhaften Anwendung: 0xAsDLNAServerReal.exe0 Pfad der fehlerhaften Anwendung: AsDLNAServerReal.exe1 Pfad des fehlerhaften Moduls: AsDLNAServerReal.exe2 Berichtskennung: AsDLNAServerReal.exe3 Error: (06/12/2013 00:24:01 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Name des fehlerhaften Moduls: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Ausnahmecode: 0x40000015 Fehleroffset: 0x0001923a ID des fehlerhaften Prozesses: 0xfbc Startzeit der fehlerhaften Anwendung: 0xAsDLNAServerReal.exe0 Pfad der fehlerhaften Anwendung: AsDLNAServerReal.exe1 Pfad des fehlerhaften Moduls: AsDLNAServerReal.exe2 Berichtskennung: AsDLNAServerReal.exe3 Error: (06/11/2013 11:36:50 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Name des fehlerhaften Moduls: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Ausnahmecode: 0x40000015 Fehleroffset: 0x0001923a ID des fehlerhaften Prozesses: 0xe28 Startzeit der fehlerhaften Anwendung: 0xAsDLNAServerReal.exe0 Pfad der fehlerhaften Anwendung: AsDLNAServerReal.exe1 Pfad des fehlerhaften Moduls: AsDLNAServerReal.exe2 Berichtskennung: AsDLNAServerReal.exe3 Error: (06/11/2013 01:45:10 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". 
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (06/10/2013 08:43:10 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Name des fehlerhaften Moduls: AsDLNAServerReal.exe, Version: 1.0.0.9, Zeitstempel: 0x4f4f54b1 Ausnahmecode: 0x40000015 Fehleroffset: 0x0001923a ID des fehlerhaften Prozesses: 0xd78 Startzeit der fehlerhaften Anwendung: 0xAsDLNAServerReal.exe0 Pfad der fehlerhaften Anwendung: AsDLNAServerReal.exe1 Pfad des fehlerhaften Moduls: AsDLNAServerReal.exe2 Berichtskennung: AsDLNAServerReal.exe3 System errors: ============= Error: (06/25/2013 04:02:36 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (06/25/2013 04:02:36 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (06/25/2013 03:30:27 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (06/25/2013 03:30:27 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (06/25/2013 01:36:49 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (06/25/2013 01:36:49 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (06/24/2013 04:12:45 PM) (Source: Service Control Manager) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (06/24/2013 04:10:45 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/24/2013 03:17:31 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (06/24/2013 03:17:31 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Microsoft Office Sessions: ========================= Error: (06/25/2013 04:01:10 PM) (Source: Application Error)(User: ) Description: AsDLNAServerReal.exe1.0.0.94f4f54b1AsDLNAServerReal.exe1.0.0.94f4f54b1400000150001923a79401ce71ac5bd94c87C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exeC:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exeb00163a6-dd9f-11e2-996a-c86000e37760 Error: (06/25/2013 03:54:42 PM) (Source: Application Hang)(User: ) Description: OTL.exe3.2.69.0159401ce71ab25f30f952C:\Users\Drenalim\Desktop\OTL.exe Error: (06/24/2013 05:15:27 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files (x86)\ASUS\ai suite ii\wi-fi engine\SoftAP.exe Error: (06/18/2013 10:11:25 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files (x86)\ASUS\ai suite ii\wi-fi engine\SoftAP.exe Error: (06/16/2013 06:21:40 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files (x86)\ASUS\ai suite ii\wi-fi engine\SoftAP.exe Error: (06/13/2013 07:40:00 PM) (Source: Application Error)(User: ) Description: AsDLNAServerReal.exe1.0.0.94f4f54b1AsDLNAServerReal.exe1.0.0.94f4f54b1400000150001923afb001ce685cd18c1f10C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exeC:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe45200987-d450-11e2-95a5-c86000e37760 Error: (06/12/2013 00:24:01 PM) (Source: Application Error)(User: ) Description: AsDLNAServerReal.exe1.0.0.94f4f54b1AsDLNAServerReal.exe1.0.0.94f4f54b1400000150001923afbc01ce6756d0497368C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exeC:\Program Files (x86)\ASUS\AI Suite 
II\Wi-Fi GO!\AsDLNAServerReal.exe32aa5807-d34a-11e2-9f93-c86000e37760 Error: (06/11/2013 11:36:50 PM) (Source: Application Error)(User: ) Description: AsDLNAServerReal.exe1.0.0.94f4f54b1AsDLNAServerReal.exe1.0.0.94f4f54b1400000150001923ae2801ce66ebb851f61cC:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exeC:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe060016e5-d2df-11e2-b438-c86000e37760 Error: (06/11/2013 01:45:10 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files (x86)\ASUS\ai suite ii\wi-fi engine\SoftAP.exe Error: (06/10/2013 08:43:10 PM) (Source: Application Error)(User: ) Description: AsDLNAServerReal.exe1.0.0.94f4f54b1AsDLNAServerReal.exe1.0.0.94f4f54b1400000150001923ad7801ce6609ecce01ebC:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exeC:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe98bbf32d-d1fd-11e2-b839-c86000e37760 CodeIntegrity Errors: =================================== Date: 2013-06-25 16:00:26.732 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-25 15:58:36.388 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-25 15:40:01.044 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-06-25 15:28:23.869 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-25 13:35:12.498 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-24 17:23:03.101 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-24 16:23:00.909 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-24 16:08:13.340 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-24 15:15:36.318 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-20 10:43:13.779 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 22% Total physical RAM: 8147.19 MB Available physical RAM: 6302.99 MB Total Pagefile: 16292.56 MB Available Pagefile: 14279.21 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:1000 GB) (Free:725.02 GB) NTFS (Disk=0 Partition=3) Drive d: () (Fixed) (Total:862.79 GB) (Free:680.84 GB) NTFS (Disk=0 Partition=4) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT Partition Type ==================== End Of Log ============================
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2013 01 Ran by Drenalim (administrator) on 25-06-2013 16:10:29 Running from C:\Users\Drenalim\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe () C:\Windows\SysWOW64\PnkBstrA.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6463592 2012-02-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P [1158248 2012-02-08] (Realtek Semiconductor) HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [x] HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd) MountPoints2: {cb03af97-72a9-11e2-b720-b3795870341a} - G:\setup.exe HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1376896 2012-03-01] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.) 
HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd) HKU\UpdatusUser\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [x] Startup: C:\Users\Drenalim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=ds&q={searchTerms}&installDate=24/06/2013 BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate} CHR RestoreOnStartup: "https://www.google.com/", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate}", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013" CHR DefaultSearchURL: (Google) - 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Extension: (Google Docs) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Gmail) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) 
================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-31] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-31] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-02-09] () ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-31] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-31] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-31] (Avira Operations GmbH & Co. 
KG) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-24] (DT Soft Ltd) U3 uwlcqkog; \??\C:\Users\Drenalim\AppData\Local\Temp\uwlcqkog.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-25 16:10 - 2013-06-25 16:10 - 00000000 ____D C:\FRST 2013-06-25 16:10 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Desktop\FRST64.exe 2013-06-25 16:09 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Downloads\FRST64.exe 2013-06-25 16:08 - 2013-06-25 16:08 - 00014331 ____A C:\Users\Drenalim\Desktop\Gmer.log 2013-06-25 16:00 - 2013-06-25 16:00 - 00000920 ____A C:\Users\Drenalim\Desktop\ADW.txt 2013-06-25 15:58 - 2013-06-25 15:59 - 00000920 ____A C:\AdwCleaner[S2].txt 2013-06-25 15:57 - 2013-06-25 15:57 - 00072576 ____A C:\Users\Drenalim\Desktop\Extras.Txt 2013-06-25 15:57 - 2013-06-25 15:57 - 00062338 ____A C:\Users\Drenalim\Desktop\OTL.Txt 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Downloads\gmer_2.1.19163.exe 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Desktop\gmer_2.1.19163.exe 2013-06-25 15:34 - 2013-06-25 15:34 - 00602112 ____A (OldTimer Tools) C:\Users\Drenalim\Desktop\OTL.exe 2013-06-25 15:26 - 2013-06-25 15:26 - 00002163 ____A C:\AdwCleaner[S1].txt 2013-06-25 15:25 - 2013-06-25 15:25 - 00648201 ____A C:\Users\Drenalim\Desktop\adwcleaner2303.exe 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\TuneUp Software 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-06-24 16:09 - 2013-06-24 16:09 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-06-20 00:45 - 2013-06-20 00:46 - 
40323433 ____A C:\Users\Drenalim\Downloads\QOTSA.zip 2013-06-20 00:20 - 2013-06-20 01:33 - 00000000 ____D C:\Users\Drenalim\Desktop\Queens of the Stoneage 2013-06-19 23:58 - 2013-06-20 00:07 - 00000000 ____D C:\Users\Drenalim\Desktop\otl, extras, gmer 2013-06-19 23:51 - 2013-06-19 23:53 - 00000000 ____D C:\Users\Drenalim\Desktop\Sony 2013-06-18 21:45 - 2013-06-18 21:45 - 00000000 ____D C:\Users\Drenalim\Downloads\Turkish_mixed 2013-06-18 20:45 - 2013-06-18 20:45 - 00000000 ____D C:\Users\Drenalim\Downloads\orhasesmok 2013-06-18 20:24 - 2013-06-18 21:16 - 225034551 ____A C:\Users\Drenalim\Downloads\Turkish_mixed.rar 2013-06-18 19:11 - 2013-06-18 19:11 - 00000000 ____D C:\Users\Drenalim\Desktop\items 2013-06-18 12:45 - 2013-06-18 12:45 - 00000000 ____D C:\Users\Drenalim\Downloads\xen01 2013-06-16 21:07 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-16 21:07 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-16 21:07 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-16 21:07 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-16 
21:07 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-16 20:51 - 2013-06-18 21:48 - 00000000 ____D C:\Users\Drenalim\Documents\Witcher 2 2013-06-16 20:51 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\AppData\Local\The Witcher 2 2013-06-16 20:47 - 2013-06-16 20:48 - 00624648 ____A C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch.zip 2013-06-16 17:34 - 2013-06-16 17:34 - 00617312 ____A (www.download-sponsor.de) C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch_NCDownloader.exe 2013-06-16 17:25 - 2013-06-16 17:25 - 00000201 ____A C:\Users\Drenalim\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url 2013-06-14 00:19 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-14 00:19 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-14 00:19 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-14 00:19 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-14 00:19 
- 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-14 00:19 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-14 00:19 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-13 19:44 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-13 19:44 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-13 19:44 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-13 19:44 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-13 19:44 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-13 19:44 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-13 19:44 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-13 19:44 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-13 19:44 - 
2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-13 19:44 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-13 19:44 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-13 19:44 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-13 19:44 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-13 19:44 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-13 19:44 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-13 19:44 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iTunes 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iPod 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-05-31 13:55 - 2013-05-31 13:57 - 00000000 ____D C:\Users\Drenalim\Desktop\iphone 31.05 2013-05-31 11:22 - 2013-05-31 11:23 - 00000000 ____D C:\Users\Drenalim\Desktop\Top100 2013-05-30 22:14 - 2013-05-30 22:14 - 00000000 ____D C:\Users\Drenalim\Downloads\Battle Angel Alita 2013-05-28 12:59 - 2013-05-28 13:02 - 17494653 ____A C:\Users\Drenalim\Downloads\fairy_tail_322.zip 2013-05-28 12:59 - 2013-05-28 13:01 - 11192702 ____A C:\Users\Drenalim\Downloads\fairy_tail_319.zip 2013-05-28 12:59 - 2013-05-28 13:01 - 10662310 ____A C:\Users\Drenalim\Downloads\fairy_tail_320.zip 2013-05-28 12:59 - 2013-05-28 13:01 - 09851850 ____A C:\Users\Drenalim\Downloads\fairy_tail_321.zip 2013-05-28 12:57 - 2013-05-28 12:59 - 11184758 ____A C:\Users\Drenalim\Downloads\fairy_tail_318.zip 2013-05-28 
12:57 - 2013-05-28 12:59 - 11035501 ____A C:\Users\Drenalim\Downloads\fairy_tail_315.zip 2013-05-28 12:57 - 2013-05-28 12:58 - 10161981 ____A C:\Users\Drenalim\Downloads\fairy_tail_316.zip 2013-05-28 12:57 - 2013-05-28 12:58 - 09821258 ____A C:\Users\Drenalim\Downloads\fairy_tail_317.zip 2013-05-28 12:54 - 2013-05-28 12:56 - 13290768 ____A C:\Users\Drenalim\Downloads\fairy_tail_312.zip 2013-05-28 12:54 - 2013-05-28 12:56 - 10883220 ____A C:\Users\Drenalim\Downloads\fairy_tail_314.zip 2013-05-28 12:54 - 2013-05-28 12:55 - 09679402 ____A C:\Users\Drenalim\Downloads\fairy_tail_313.zip 2013-05-28 12:54 - 2013-05-28 12:55 - 09542024 ____A C:\Users\Drenalim\Downloads\fairy_tail_311.zip 2013-05-28 12:52 - 2013-05-28 12:54 - 10743801 ____A C:\Users\Drenalim\Downloads\fairy_tail_307.zip 2013-05-28 12:52 - 2013-05-28 12:54 - 09885327 ____A C:\Users\Drenalim\Downloads\fairy_tail_308.zip 2013-05-28 12:52 - 2013-05-28 12:54 - 09337082 ____A C:\Users\Drenalim\Downloads\fairy_tail_310.zip 2013-05-28 12:52 - 2013-05-28 12:54 - 08750327 ____A C:\Users\Drenalim\Downloads\fairy_tail_309.zip 2013-05-28 12:47 - 2013-05-28 12:48 - 10095821 ____A C:\Users\Drenalim\Downloads\fairy_tail_306.zip 2013-05-28 12:47 - 2013-05-28 12:48 - 09900564 ____A C:\Users\Drenalim\Downloads\fairy_tail_305.zip 2013-05-28 12:47 - 2013-05-28 12:48 - 09537966 ____A C:\Users\Drenalim\Downloads\fairy_tail_304.zip 2013-05-28 12:47 - 2013-05-28 12:48 - 08598684 ____A C:\Users\Drenalim\Downloads\fairy_tail_303.zip 2013-05-28 12:45 - 2013-05-28 12:47 - 11010760 ____A C:\Users\Drenalim\Downloads\fairy_tail_299.zip 2013-05-28 12:45 - 2013-05-28 12:46 - 10112162 ____A C:\Users\Drenalim\Downloads\fairy_tail_300.zip 2013-05-28 12:45 - 2013-05-28 12:46 - 09745158 ____A C:\Users\Drenalim\Downloads\fairy_tail_302.zip 2013-05-28 12:45 - 2013-05-28 12:46 - 09541797 ____A C:\Users\Drenalim\Downloads\fairy_tail_301.zip 2013-05-28 12:40 - 2013-05-28 12:42 - 13727892 ____A C:\Users\Drenalim\Downloads\fairy_tail_295.zip 2013-05-28 
12:40 - 2013-05-28 12:42 - 11042799 ____A C:\Users\Drenalim\Downloads\fairy_tail_296.zip 2013-05-28 12:40 - 2013-05-28 12:42 - 10931657 ____A C:\Users\Drenalim\Downloads\fairy_tail_298.zip 2013-05-28 12:40 - 2013-05-28 12:42 - 10143891 ____A C:\Users\Drenalim\Downloads\fairy_tail_297.zip 2013-05-28 12:35 - 2013-05-28 12:37 - 15762255 ____A C:\Users\Drenalim\Downloads\fairy_tail_294.zip 2013-05-28 12:35 - 2013-05-28 12:37 - 12303084 ____A C:\Users\Drenalim\Downloads\fairy_tail_291.zip 2013-05-28 12:35 - 2013-05-28 12:36 - 09094292 ____A C:\Users\Drenalim\Downloads\fairy_tail_292.zip 2013-05-28 12:35 - 2013-05-28 12:36 - 08983579 ____A C:\Users\Drenalim\Downloads\fairy_tail_293.zip 2013-05-28 12:32 - 2013-05-28 12:33 - 09456982 ____A C:\Users\Drenalim\Downloads\fairy_tail_287.zip 2013-05-28 12:32 - 2013-05-28 12:33 - 08527885 ____A C:\Users\Drenalim\Downloads\fairy_tail_288.zip 2013-05-28 12:32 - 2013-05-28 12:33 - 08496045 ____A C:\Users\Drenalim\Downloads\fairy_tail_290.zip 2013-05-28 12:32 - 2013-05-28 12:33 - 07954078 ____A C:\Users\Drenalim\Downloads\fairy_tail_289.zip 2013-05-28 12:27 - 2013-05-28 12:28 - 08356739 ____A C:\Users\Drenalim\Downloads\fairy_tail_285.zip 2013-05-28 12:27 - 2013-05-28 12:28 - 07268357 ____A C:\Users\Drenalim\Downloads\fairy_tail_286.zip 2013-05-28 12:26 - 2013-05-28 12:28 - 07732548 ____A C:\Users\Drenalim\Downloads\fairy_tail_283.zip 2013-05-28 12:26 - 2013-05-28 12:28 - 07599022 ____A C:\Users\Drenalim\Downloads\fairy_tail_284.zip 2013-05-28 12:22 - 2013-05-28 12:24 - 08880350 ____A C:\Users\Drenalim\Downloads\fairy_tail_279.zip 2013-05-28 12:22 - 2013-05-28 12:24 - 08355404 ____A C:\Users\Drenalim\Downloads\fairy_tail_282.zip 2013-05-28 12:22 - 2013-05-28 12:24 - 07737961 ____A C:\Users\Drenalim\Downloads\fairy_tail_281.zip 2013-05-28 12:22 - 2013-05-28 12:23 - 07256018 ____A C:\Users\Drenalim\Downloads\fairy_tail_280.zip 2013-05-28 12:20 - 2013-05-28 12:21 - 08529176 ____A C:\Users\Drenalim\Downloads\fairy_tail_278.zip 2013-05-28 
12:20 - 2013-05-28 12:21 - 06681535 ____A C:\Users\Drenalim\Downloads\fairy_tail_276.zip 2013-05-28 12:20 - 2013-05-28 12:21 - 06515855 ____A C:\Users\Drenalim\Downloads\fairy_tail_275.zip 2013-05-28 12:20 - 2013-05-28 12:21 - 05910571 ____A C:\Users\Drenalim\Downloads\fairy_tail_277.zip 2013-05-28 12:15 - 2013-05-28 12:17 - 06923232 ____A C:\Users\Drenalim\Downloads\fairy_tail_271.zip 2013-05-28 12:15 - 2013-05-28 12:17 - 06893552 ____A C:\Users\Drenalim\Downloads\fairy_tail_272.zip 2013-05-28 12:15 - 2013-05-28 12:17 - 06628564 ____A C:\Users\Drenalim\Downloads\fairy_tail_273.zip 2013-05-28 12:15 - 2013-05-28 12:17 - 06594431 ____A C:\Users\Drenalim\Downloads\fairy_tail_274.zip 2013-05-28 12:14 - 2013-05-28 12:15 - 09088739 ____A C:\Users\Drenalim\Downloads\fairy_tail_269.zip 2013-05-28 12:14 - 2013-05-28 12:15 - 08889900 ____A C:\Users\Drenalim\Downloads\fairy_tail_270.zip 2013-05-28 12:14 - 2013-05-28 12:15 - 07328724 ____A C:\Users\Drenalim\Downloads\fairy_tail_267.zip 2013-05-28 12:14 - 2013-05-28 12:15 - 06576113 ____A C:\Users\Drenalim\Downloads\fairy_tail_268.zip 2013-05-28 12:12 - 2013-05-28 12:13 - 09591499 ____A C:\Users\Drenalim\Downloads\fairy_tail_264.zip 2013-05-28 12:12 - 2013-05-28 12:13 - 09011613 ____A C:\Users\Drenalim\Downloads\fairy_tail_265.zip 2013-05-28 12:12 - 2013-05-28 12:13 - 08370337 ____A C:\Users\Drenalim\Downloads\fairy_tail_266.zip 2013-05-28 12:12 - 2013-05-28 12:13 - 07121416 ____A C:\Users\Drenalim\Downloads\fairy_tail_263.zip 2013-05-28 12:07 - 2013-05-28 12:09 - 10252117 ____A C:\Users\Drenalim\Downloads\fairy_tail_259.zip 2013-05-28 12:07 - 2013-05-28 12:09 - 08923937 ____A C:\Users\Drenalim\Downloads\fairy_tail_261.zip 2013-05-28 12:07 - 2013-05-28 12:09 - 08095716 ____A C:\Users\Drenalim\Downloads\fairy_tail_260.zip 2013-05-28 12:07 - 2013-05-28 12:09 - 07686716 ____A C:\Users\Drenalim\Downloads\fairy_tail_262.zip 2013-05-28 12:03 - 2013-05-28 12:04 - 09427506 ____A C:\Users\Drenalim\Downloads\fairy_tail_258.zip 2013-05-28 
12:03 - 2013-05-28 12:04 - 09083243 ____A C:\Users\Drenalim\Downloads\fairy_tail_257.zip 2013-05-28 12:03 - 2013-05-28 12:04 - 08307296 ____A C:\Users\Drenalim\Downloads\fairy_tail_255.zip 2013-05-28 12:03 - 2013-05-28 12:04 - 08275580 ____A C:\Users\Drenalim\Downloads\fairy_tail_256.zip 2013-05-28 11:58 - 2013-05-28 11:59 - 09860239 ____A C:\Users\Drenalim\Downloads\fairy_tail_252.zip 2013-05-28 11:58 - 2013-05-28 11:59 - 09626432 ____A C:\Users\Drenalim\Downloads\fairy_tail_254.zip 2013-05-28 11:58 - 2013-05-28 11:59 - 09096973 ____A C:\Users\Drenalim\Downloads\fairy_tail_253.zip 2013-05-28 11:58 - 2013-05-28 11:59 - 07689842 ____A C:\Users\Drenalim\Downloads\fairy_tail_251.zip 2013-05-28 11:54 - 2013-05-28 11:55 - 09113842 ____A C:\Users\Drenalim\Downloads\fairy_tail_248.zip 2013-05-28 11:54 - 2013-05-28 11:55 - 08964381 ____A C:\Users\Drenalim\Downloads\fairy_tail_247.zip 2013-05-28 11:54 - 2013-05-28 11:55 - 08953074 ____A C:\Users\Drenalim\Downloads\fairy_tail_249.zip 2013-05-28 11:54 - 2013-05-28 11:55 - 06769384 ____A C:\Users\Drenalim\Downloads\fairy_tail_250.zip 2013-05-26 19:51 - 2013-05-26 19:53 - 09532690 ____A C:\Users\Drenalim\Downloads\fairy_tail_246.zip 2013-05-26 19:51 - 2013-05-26 19:53 - 09403052 ____A C:\Users\Drenalim\Downloads\fairy_tail_244.zip 2013-05-26 19:51 - 2013-05-26 19:52 - 09277618 ____A C:\Users\Drenalim\Downloads\fairy_tail_243.zip 2013-05-26 19:51 - 2013-05-26 19:52 - 09077516 ____A C:\Users\Drenalim\Downloads\fairy_tail_245.zip 2013-05-26 19:44 - 2013-05-26 19:46 - 11863281 ____A C:\Users\Drenalim\Downloads\fairy_tail_241.zip 2013-05-26 19:44 - 2013-05-26 19:46 - 08960366 ____A C:\Users\Drenalim\Downloads\fairy_tail_242.zip 2013-05-26 19:44 - 2013-05-26 19:45 - 09267573 ____A C:\Users\Drenalim\Downloads\fairy_tail_240.zip 2013-05-26 19:44 - 2013-05-26 19:45 - 08810380 ____A C:\Users\Drenalim\Downloads\fairy_tail_239.zip 2013-05-26 19:38 - 2013-05-26 19:39 - 09900343 ____A C:\Users\Drenalim\Downloads\fairy_tail_237.zip 2013-05-26 
19:38 - 2013-05-26 19:39 - 09733445 ____A C:\Users\Drenalim\Downloads\fairy_tail_238.zip 2013-05-26 19:37 - 2013-05-26 19:39 - 10529421 ____A C:\Users\Drenalim\Downloads\fairy_tail_235.zip 2013-05-26 19:37 - 2013-05-26 19:39 - 10290119 ____A C:\Users\Drenalim\Downloads\fairy_tail_236.zip 2013-05-26 19:30 - 2013-05-26 19:31 - 09599149 ____A C:\Users\Drenalim\Downloads\fairy_tail_234.zip 2013-05-26 19:29 - 2013-05-26 19:31 - 11424485 ____A C:\Users\Drenalim\Downloads\fairy_tail_231.zip 2013-05-26 19:29 - 2013-05-26 19:31 - 09447631 ____A C:\Users\Drenalim\Downloads\fairy_tail_233.zip 2013-05-26 19:29 - 2013-05-26 19:31 - 08330068 ____A C:\Users\Drenalim\Downloads\fairy_tail_232.zip 2013-05-26 19:24 - 2013-05-26 19:25 - 10872365 ____A C:\Users\Drenalim\Downloads\fairy_tail_228.zip 2013-05-26 19:24 - 2013-05-26 19:25 - 07707067 ____A C:\Users\Drenalim\Downloads\fairy_tail_229.zip 2013-05-26 19:24 - 2013-05-26 19:25 - 07645439 ____A C:\Users\Drenalim\Downloads\fairy_tail_230.zip 2013-05-26 19:24 - 2013-05-26 19:24 - 04239652 ____A C:\Users\Drenalim\Downloads\fairy_tail_227.zip 2013-05-26 19:18 - 2013-05-26 19:19 - 06785814 ____A C:\Users\Drenalim\Downloads\fairy_tail_225.zip 2013-05-26 19:18 - 2013-05-26 19:19 - 05963375 ____A C:\Users\Drenalim\Downloads\fairy_tail_223.zip 2013-05-26 19:18 - 2013-05-26 19:19 - 05503223 ____A C:\Users\Drenalim\Downloads\fairy_tail_224.zip 2013-05-26 19:18 - 2013-05-26 19:19 - 05485110 ____A C:\Users\Drenalim\Downloads\fairy_tail_226.zip 2013-05-26 19:15 - 2013-05-26 19:17 - 09065345 ____A C:\Users\Drenalim\Downloads\fairy_tail_220.zip 2013-05-26 19:15 - 2013-05-26 19:16 - 06666409 ____A C:\Users\Drenalim\Downloads\fairy_tail_221.zip 2013-05-26 19:15 - 2013-05-26 19:16 - 06390146 ____A C:\Users\Drenalim\Downloads\fairy_tail_222.zip 2013-05-26 19:15 - 2013-05-26 19:16 - 06162391 ____A C:\Users\Drenalim\Downloads\fairy_tail_219.zip 2013-05-26 19:12 - 2013-05-26 19:13 - 08167770 ____A C:\Users\Drenalim\Downloads\fairy_tail_217.zip 2013-05-26 
19:12 - 2013-05-26 19:13 - 07458831 ____A C:\Users\Drenalim\Downloads\fairy_tail_215.zip 2013-05-26 19:12 - 2013-05-26 19:13 - 06432400 ____A C:\Users\Drenalim\Downloads\fairy_tail_216.zip 2013-05-26 19:12 - 2013-05-26 19:13 - 06247260 ____A C:\Users\Drenalim\Downloads\fairy_tail_218.zip 2013-05-26 19:09 - 2013-05-26 19:10 - 06426956 ____A C:\Users\Drenalim\Downloads\fairy_tail_214.zip 2013-05-26 19:09 - 2013-05-26 19:10 - 06323249 ____A C:\Users\Drenalim\Downloads\fairy_tail_213.zip 2013-05-26 19:09 - 2013-05-26 19:09 - 05085299 ____A C:\Users\Drenalim\Downloads\fairy_tail_211.zip 2013-05-26 19:09 - 2013-05-26 19:09 - 05061505 ____A C:\Users\Drenalim\Downloads\fairy_tail_212.zip 2013-05-26 19:07 - 2013-05-26 19:08 - 08755768 ____A C:\Users\Drenalim\Downloads\fairy_tail_207.zip 2013-05-26 19:07 - 2013-05-26 19:08 - 06435463 ____A C:\Users\Drenalim\Downloads\fairy_tail_208.zip 2013-05-26 19:07 - 2013-05-26 19:08 - 06242999 ____A C:\Users\Drenalim\Downloads\fairy_tail_210.zip 2013-05-26 19:07 - 2013-05-26 19:08 - 05178800 ____A C:\Users\Drenalim\Downloads\fairy_tail_209.zip 2013-05-26 19:05 - 2013-05-26 19:06 - 06660638 ____A C:\Users\Drenalim\Downloads\fairy_tail_204.zip 2013-05-26 19:05 - 2013-05-26 19:06 - 06659025 ____A C:\Users\Drenalim\Downloads\fairy_tail_206.zip 2013-05-26 19:05 - 2013-05-26 19:06 - 06498405 ____A C:\Users\Drenalim\Downloads\fairy_tail_205.zip 2013-05-26 19:05 - 2013-05-26 19:06 - 06226733 ____A C:\Users\Drenalim\Downloads\fairy_tail_203.zip 2013-05-26 19:02 - 2013-05-26 19:03 - 08588101 ____A C:\Users\Drenalim\Downloads\fairy_tail_200.zip 2013-05-26 19:02 - 2013-05-26 19:03 - 05752050 ____A C:\Users\Drenalim\Downloads\fairy_tail_201.zip 2013-05-26 19:02 - 2013-05-26 19:03 - 05315240 ____A C:\Users\Drenalim\Downloads\fairy_tail_202.zip 2013-05-26 19:01 - 2013-05-26 19:03 - 06821944 ____A C:\Users\Drenalim\Downloads\fairy_tail_199.zip 2013-05-26 18:18 - 2013-05-26 18:19 - 06785281 ____A C:\Users\Drenalim\Downloads\fairy_tail_196.zip 2013-05-26 
18:18 - 2013-05-26 18:19 - 06709143 ____A C:\Users\Drenalim\Downloads\fairy_tail_195.zip 2013-05-26 18:18 - 2013-05-26 18:19 - 06640543 ____A C:\Users\Drenalim\Downloads\fairy_tail_197.zip 2013-05-26 18:18 - 2013-05-26 18:19 - 05686950 ____A C:\Users\Drenalim\Downloads\fairy_tail_198.zip 2013-05-26 18:16 - 2013-05-26 18:18 - 10394585 ____A C:\Users\Drenalim\Downloads\fairy_tail_194.zip 2013-05-26 18:16 - 2013-05-26 18:17 - 06556432 ____A C:\Users\Drenalim\Downloads\fairy_tail_192.zip 2013-05-26 18:16 - 2013-05-26 18:17 - 05439614 ____A C:\Users\Drenalim\Downloads\fairy_tail_191.zip 2013-05-26 18:16 - 2013-05-26 18:17 - 05229800 ____A C:\Users\Drenalim\Downloads\fairy_tail_193.zip 2013-05-26 18:10 - 2013-05-26 18:11 - 05771692 ____A C:\Users\Drenalim\Downloads\fairy_tail_190.zip 2013-05-26 18:10 - 2013-05-26 18:11 - 05314942 ____A C:\Users\Drenalim\Downloads\fairy_tail_189.zip 2013-05-26 18:10 - 2013-05-26 18:11 - 04668288 ____A C:\Users\Drenalim\Downloads\fairy_tail_188.zip 2013-05-26 18:08 - 2013-05-26 18:09 - 06153634 ____A C:\Users\Drenalim\Downloads\fairy_tail_187.zip 2013-05-26 18:08 - 2013-05-26 18:09 - 05582268 ____A C:\Users\Drenalim\Downloads\fairy_tail_184.zip 2013-05-26 18:08 - 2013-05-26 18:09 - 05113601 ____A C:\Users\Drenalim\Downloads\fairy_tail_185.zip 2013-05-26 18:08 - 2013-05-26 18:09 - 04739575 ____A C:\Users\Drenalim\Downloads\fairy_tail_186.zip 2013-05-26 18:05 - 2013-05-26 18:06 - 05616527 ____A C:\Users\Drenalim\Downloads\fairy_tail_183.zip 2013-05-26 18:05 - 2013-05-26 18:06 - 05529654 ____A C:\Users\Drenalim\Downloads\fairy_tail_182.zip 2013-05-26 18:05 - 2013-05-26 18:05 - 04957600 ____A C:\Users\Drenalim\Downloads\fairy_tail_181.zip 2013-05-26 18:05 - 2013-05-26 18:05 - 03033347 ____A C:\Users\Drenalim\Downloads\fairy_tail_182.5.zip 2013-05-26 17:59 - 2013-05-26 18:00 - 06195544 ____A C:\Users\Drenalim\Downloads\fairy_tail_179.zip 2013-05-26 17:59 - 2013-05-26 18:00 - 05731409 ____A C:\Users\Drenalim\Downloads\fairy_tail_178.zip 
2013-05-26 17:59 - 2013-05-26 18:00 - 05538264 ____A C:\Users\Drenalim\Downloads\fairy_tail_180.zip
2013-05-26 17:59 - 2013-05-26 18:00 - 04836111 ____A C:\Users\Drenalim\Downloads\fairy_tail_177.zip
2013-05-26 17:56 - 2013-05-26 17:57 - 05431147 ____A C:\Users\Drenalim\Downloads\fairy_tail_175.zip
2013-05-26 17:56 - 2013-05-26 17:57 - 05240610 ____A C:\Users\Drenalim\Downloads\fairy_tail_173.zip
2013-05-26 17:56 - 2013-05-26 17:57 - 04440783 ____A C:\Users\Drenalim\Downloads\fairy_tail_174.zip
2013-05-26 17:56 - 2013-05-26 17:57 - 04279654 ____A C:\Users\Drenalim\Downloads\fairy_tail_176.zip
2013-05-26 17:52 - 2013-05-26 17:53 - 04629780 ____A C:\Users\Drenalim\Downloads\fairy_tail_170.zip
2013-05-26 17:52 - 2013-05-26 17:53 - 04597711 ____A C:\Users\Drenalim\Downloads\fairy_tail_171.zip
2013-05-26 17:52 - 2013-05-26 17:53 - 04387189 ____A C:\Users\Drenalim\Downloads\fairy_tail_169.zip
2013-05-26 17:52 - 2013-05-26 17:53 - 04253128 ____A C:\Users\Drenalim\Downloads\fairy_tail_172.zip
2013-05-26 17:46 - 2013-05-26 17:48 - 06141795 ____A C:\Users\Drenalim\Downloads\fairy_tail_168.zip
2013-05-26 17:46 - 2013-05-26 17:48 - 05218850 ____A C:\Users\Drenalim\Downloads\fairy_tail_167.zip
2013-05-26 17:46 - 2013-05-26 17:48 - 04903685 ____A C:\Users\Drenalim\Downloads\fairy_tail_166.zip
2013-05-26 17:46 - 2013-05-26 17:47 - 06673659 ____A C:\Users\Drenalim\Downloads\fairy_tail_165.zip
2013-05-26 17:41 - 2013-05-26 17:42 - 04968191 ____A C:\Users\Drenalim\Downloads\fairy_tail_164.zip

==================== One Month Modified Files and Folders =======
2013-06-25 16:10 - 2013-06-25 16:10 - 00000000 ____D C:\FRST
2013-06-25 16:09 - 2013-06-25 16:10 - 01931854 ____A (Farbar) C:\Users\Drenalim\Desktop\FRST64.exe
2013-06-25 16:09 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Downloads\FRST64.exe
2013-06-25 16:08 - 2013-06-25 16:08 - 00014331 ____A C:\Users\Drenalim\Desktop\Gmer.log
2013-06-25 16:07 - 2009-07-14 06:45 - 00014800 ___AH
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-25 16:07 - 2009-07-14 06:45 - 00014800 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-25 16:06 - 2009-07-14 19:58 - 00653928 ____A C:\Windows\System32\perfh007.dat 2013-06-25 16:06 - 2009-07-14 19:58 - 00129800 ____A C:\Windows\System32\perfc007.dat 2013-06-25 16:06 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-25 16:00 - 2013-06-25 16:00 - 00000920 ____A C:\Users\Drenalim\Desktop\ADW.txt 2013-06-25 16:00 - 2013-01-28 14:38 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-25 16:00 - 2013-01-28 14:37 - 00000000 ____D C:\Users\Drenalim\AppData\Local\Deployment 2013-06-25 15:59 - 2013-06-25 15:58 - 00000920 ____A C:\AdwCleaner[S2].txt 2013-06-25 15:59 - 2013-01-28 14:34 - 00000000 ____D C:\ProgramData\NVIDIA 2013-06-25 15:59 - 2013-01-28 14:21 - 02061453 ____A C:\Windows\WindowsUpdate.log 2013-06-25 15:59 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-25 15:59 - 2009-07-14 06:51 - 00037853 ____A C:\Windows\setupact.log 2013-06-25 15:57 - 2013-06-25 15:57 - 00072576 ____A C:\Users\Drenalim\Desktop\Extras.Txt 2013-06-25 15:57 - 2013-06-25 15:57 - 00062338 ____A C:\Users\Drenalim\Desktop\OTL.Txt 2013-06-25 15:53 - 2013-01-28 14:38 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Downloads\gmer_2.1.19163.exe 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Desktop\gmer_2.1.19163.exe 2013-06-25 15:34 - 2013-06-25 15:34 - 00602112 ____A (OldTimer Tools) C:\Users\Drenalim\Desktop\OTL.exe 2013-06-25 15:26 - 2013-06-25 15:26 - 00002163 ____A C:\AdwCleaner[S1].txt 2013-06-25 15:25 - 2013-06-25 15:25 - 00648201 ____A C:\Users\Drenalim\Desktop\adwcleaner2303.exe 2013-06-25 15:17 - 2013-03-19 17:51 - 00000000 ____D 
C:\Users\Drenalim\AppData\Roaming\Notepad++ 2013-06-25 15:17 - 2013-03-19 17:51 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2013-06-25 13:34 - 2013-02-16 14:35 - 00000000 ____D C:\Users\Drenalim\AppData\Local\TSVNCache 2013-06-25 13:34 - 2013-01-28 14:45 - 00100922 ____A C:\Windows\PFRO.log 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\TuneUp Software 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-06-24 16:09 - 2013-06-24 16:09 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-06-20 01:33 - 2013-06-20 00:20 - 00000000 ____D C:\Users\Drenalim\Desktop\Queens of the Stoneage 2013-06-20 00:46 - 2013-06-20 00:45 - 40323433 ____A C:\Users\Drenalim\Downloads\QOTSA.zip 2013-06-20 00:07 - 2013-06-19 23:58 - 00000000 ____D C:\Users\Drenalim\Desktop\otl, extras, gmer 2013-06-19 23:53 - 2013-06-19 23:51 - 00000000 ____D C:\Users\Drenalim\Desktop\Sony 2013-06-18 21:48 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\Documents\Witcher 2 2013-06-18 21:45 - 2013-06-18 21:45 - 00000000 ____D C:\Users\Drenalim\Downloads\Turkish_mixed 2013-06-18 21:16 - 2013-06-18 20:24 - 225034551 ____A C:\Users\Drenalim\Downloads\Turkish_mixed.rar 2013-06-18 20:45 - 2013-06-18 20:45 - 00000000 ____D C:\Users\Drenalim\Downloads\orhasesmok 2013-06-18 19:11 - 2013-06-18 19:11 - 00000000 ____D C:\Users\Drenalim\Desktop\items 2013-06-18 12:45 - 2013-06-18 12:45 - 00000000 ____D C:\Users\Drenalim\Downloads\xen01 2013-06-16 20:51 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\AppData\Local\The Witcher 2 2013-06-16 20:51 - 2013-02-09 13:42 - 00102484 ____A C:\Windows\DirectX.log 2013-06-16 20:48 - 2013-06-16 20:47 - 00624648 ____A 
C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch.zip 2013-06-16 18:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-06-16 17:34 - 2013-06-16 17:34 - 00617312 ____A (www.download-sponsor.de) C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch_NCDownloader.exe 2013-06-16 17:25 - 2013-06-16 17:25 - 00000201 ____A C:\Users\Drenalim\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url 2013-06-14 00:20 - 2013-02-06 14:01 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-10 22:18 - 2013-04-02 17:59 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\TS3Client 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iTunes 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iPod 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-08 16:08 - 2013-06-16 21:07 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-08 16:07 - 2013-06-16 21:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-08 14:28 - 2013-06-16 21:07 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-08 13:42 - 2013-06-16 21:07 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 02046976 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\iertutil.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-08 13:13 - 2013-06-16 21:07 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-05 17:37 - 2013-05-20 23:07 - 00000000 ____D C:\Users\Drenalim\Downloads\fairy tail 2013-05-31 13:57 - 2013-05-31 13:55 - 00000000 ____D C:\Users\Drenalim\Desktop\iphone 31.05 2013-05-31 11:23 - 2013-05-31 11:22 - 00000000 ____D C:\Users\Drenalim\Desktop\Top100 2013-05-30 22:14 - 2013-05-30 22:14 - 00000000 ____D C:\Users\Drenalim\Downloads\Battle Angel Alita 2013-05-28 13:02 - 2013-05-28 12:59 - 17494653 ____A C:\Users\Drenalim\Downloads\fairy_tail_322.zip 2013-05-28 13:01 - 2013-05-28 12:59 - 11192702 ____A C:\Users\Drenalim\Downloads\fairy_tail_319.zip 2013-05-28 13:01 - 2013-05-28 12:59 - 10662310 ____A C:\Users\Drenalim\Downloads\fairy_tail_320.zip 2013-05-28 13:01 - 2013-05-28 12:59 - 09851850 ____A C:\Users\Drenalim\Downloads\fairy_tail_321.zip 2013-05-28 12:59 - 2013-05-28 12:57 - 11184758 ____A C:\Users\Drenalim\Downloads\fairy_tail_318.zip 2013-05-28 12:59 - 2013-05-28 12:57 - 11035501 ____A C:\Users\Drenalim\Downloads\fairy_tail_315.zip 2013-05-28 12:58 - 2013-05-28 12:57 - 10161981 ____A C:\Users\Drenalim\Downloads\fairy_tail_316.zip 2013-05-28 12:58 - 2013-05-28 12:57 - 09821258 ____A C:\Users\Drenalim\Downloads\fairy_tail_317.zip 2013-05-28 12:56 - 2013-05-28 12:54 - 13290768 ____A C:\Users\Drenalim\Downloads\fairy_tail_312.zip 2013-05-28 12:56 - 2013-05-28 12:54 - 10883220 ____A C:\Users\Drenalim\Downloads\fairy_tail_314.zip 2013-05-28 12:55 - 2013-05-28 12:54 - 09679402 ____A C:\Users\Drenalim\Downloads\fairy_tail_313.zip 2013-05-28 12:55 - 2013-05-28 12:54 - 09542024 ____A C:\Users\Drenalim\Downloads\fairy_tail_311.zip 2013-05-28 12:54 - 2013-05-28 12:52 - 10743801 ____A C:\Users\Drenalim\Downloads\fairy_tail_307.zip 2013-05-28 12:54 - 2013-05-28 12:52 - 09885327 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_308.zip 2013-05-28 12:54 - 2013-05-28 12:52 - 09337082 ____A C:\Users\Drenalim\Downloads\fairy_tail_310.zip 2013-05-28 12:54 - 2013-05-28 12:52 - 08750327 ____A C:\Users\Drenalim\Downloads\fairy_tail_309.zip 2013-05-28 12:48 - 2013-05-28 12:47 - 10095821 ____A C:\Users\Drenalim\Downloads\fairy_tail_306.zip 2013-05-28 12:48 - 2013-05-28 12:47 - 09900564 ____A C:\Users\Drenalim\Downloads\fairy_tail_305.zip 2013-05-28 12:48 - 2013-05-28 12:47 - 09537966 ____A C:\Users\Drenalim\Downloads\fairy_tail_304.zip 2013-05-28 12:48 - 2013-05-28 12:47 - 08598684 ____A C:\Users\Drenalim\Downloads\fairy_tail_303.zip 2013-05-28 12:47 - 2013-05-28 12:45 - 11010760 ____A C:\Users\Drenalim\Downloads\fairy_tail_299.zip 2013-05-28 12:46 - 2013-05-28 12:45 - 10112162 ____A C:\Users\Drenalim\Downloads\fairy_tail_300.zip 2013-05-28 12:46 - 2013-05-28 12:45 - 09745158 ____A C:\Users\Drenalim\Downloads\fairy_tail_302.zip 2013-05-28 12:46 - 2013-05-28 12:45 - 09541797 ____A C:\Users\Drenalim\Downloads\fairy_tail_301.zip 2013-05-28 12:42 - 2013-05-28 12:40 - 13727892 ____A C:\Users\Drenalim\Downloads\fairy_tail_295.zip 2013-05-28 12:42 - 2013-05-28 12:40 - 11042799 ____A C:\Users\Drenalim\Downloads\fairy_tail_296.zip 2013-05-28 12:42 - 2013-05-28 12:40 - 10931657 ____A C:\Users\Drenalim\Downloads\fairy_tail_298.zip 2013-05-28 12:42 - 2013-05-28 12:40 - 10143891 ____A C:\Users\Drenalim\Downloads\fairy_tail_297.zip 2013-05-28 12:37 - 2013-05-28 12:35 - 15762255 ____A C:\Users\Drenalim\Downloads\fairy_tail_294.zip 2013-05-28 12:37 - 2013-05-28 12:35 - 12303084 ____A C:\Users\Drenalim\Downloads\fairy_tail_291.zip 2013-05-28 12:36 - 2013-05-28 12:35 - 09094292 ____A C:\Users\Drenalim\Downloads\fairy_tail_292.zip 2013-05-28 12:36 - 2013-05-28 12:35 - 08983579 ____A C:\Users\Drenalim\Downloads\fairy_tail_293.zip 2013-05-28 12:33 - 2013-05-28 12:32 - 09456982 ____A C:\Users\Drenalim\Downloads\fairy_tail_287.zip 2013-05-28 12:33 - 2013-05-28 12:32 - 08527885 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_288.zip 2013-05-28 12:33 - 2013-05-28 12:32 - 08496045 ____A C:\Users\Drenalim\Downloads\fairy_tail_290.zip 2013-05-28 12:33 - 2013-05-28 12:32 - 07954078 ____A C:\Users\Drenalim\Downloads\fairy_tail_289.zip 2013-05-28 12:28 - 2013-05-28 12:27 - 08356739 ____A C:\Users\Drenalim\Downloads\fairy_tail_285.zip 2013-05-28 12:28 - 2013-05-28 12:27 - 07268357 ____A C:\Users\Drenalim\Downloads\fairy_tail_286.zip 2013-05-28 12:28 - 2013-05-28 12:26 - 07732548 ____A C:\Users\Drenalim\Downloads\fairy_tail_283.zip 2013-05-28 12:28 - 2013-05-28 12:26 - 07599022 ____A C:\Users\Drenalim\Downloads\fairy_tail_284.zip 2013-05-28 12:24 - 2013-05-28 12:22 - 08880350 ____A C:\Users\Drenalim\Downloads\fairy_tail_279.zip 2013-05-28 12:24 - 2013-05-28 12:22 - 08355404 ____A C:\Users\Drenalim\Downloads\fairy_tail_282.zip 2013-05-28 12:24 - 2013-05-28 12:22 - 07737961 ____A C:\Users\Drenalim\Downloads\fairy_tail_281.zip 2013-05-28 12:23 - 2013-05-28 12:22 - 07256018 ____A C:\Users\Drenalim\Downloads\fairy_tail_280.zip 2013-05-28 12:21 - 2013-05-28 12:20 - 08529176 ____A C:\Users\Drenalim\Downloads\fairy_tail_278.zip 2013-05-28 12:21 - 2013-05-28 12:20 - 06681535 ____A C:\Users\Drenalim\Downloads\fairy_tail_276.zip 2013-05-28 12:21 - 2013-05-28 12:20 - 06515855 ____A C:\Users\Drenalim\Downloads\fairy_tail_275.zip 2013-05-28 12:21 - 2013-05-28 12:20 - 05910571 ____A C:\Users\Drenalim\Downloads\fairy_tail_277.zip 2013-05-28 12:17 - 2013-05-28 12:15 - 06923232 ____A C:\Users\Drenalim\Downloads\fairy_tail_271.zip 2013-05-28 12:17 - 2013-05-28 12:15 - 06893552 ____A C:\Users\Drenalim\Downloads\fairy_tail_272.zip 2013-05-28 12:17 - 2013-05-28 12:15 - 06628564 ____A C:\Users\Drenalim\Downloads\fairy_tail_273.zip 2013-05-28 12:17 - 2013-05-28 12:15 - 06594431 ____A C:\Users\Drenalim\Downloads\fairy_tail_274.zip 2013-05-28 12:15 - 2013-05-28 12:14 - 09088739 ____A C:\Users\Drenalim\Downloads\fairy_tail_269.zip 2013-05-28 12:15 - 2013-05-28 12:14 - 08889900 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_270.zip 2013-05-28 12:15 - 2013-05-28 12:14 - 07328724 ____A C:\Users\Drenalim\Downloads\fairy_tail_267.zip 2013-05-28 12:15 - 2013-05-28 12:14 - 06576113 ____A C:\Users\Drenalim\Downloads\fairy_tail_268.zip 2013-05-28 12:13 - 2013-05-28 12:12 - 09591499 ____A C:\Users\Drenalim\Downloads\fairy_tail_264.zip 2013-05-28 12:13 - 2013-05-28 12:12 - 09011613 ____A C:\Users\Drenalim\Downloads\fairy_tail_265.zip 2013-05-28 12:13 - 2013-05-28 12:12 - 08370337 ____A C:\Users\Drenalim\Downloads\fairy_tail_266.zip 2013-05-28 12:13 - 2013-05-28 12:12 - 07121416 ____A C:\Users\Drenalim\Downloads\fairy_tail_263.zip 2013-05-28 12:09 - 2013-05-28 12:07 - 10252117 ____A C:\Users\Drenalim\Downloads\fairy_tail_259.zip 2013-05-28 12:09 - 2013-05-28 12:07 - 08923937 ____A C:\Users\Drenalim\Downloads\fairy_tail_261.zip 2013-05-28 12:09 - 2013-05-28 12:07 - 08095716 ____A C:\Users\Drenalim\Downloads\fairy_tail_260.zip 2013-05-28 12:09 - 2013-05-28 12:07 - 07686716 ____A C:\Users\Drenalim\Downloads\fairy_tail_262.zip 2013-05-28 12:04 - 2013-05-28 12:03 - 09427506 ____A C:\Users\Drenalim\Downloads\fairy_tail_258.zip 2013-05-28 12:04 - 2013-05-28 12:03 - 09083243 ____A C:\Users\Drenalim\Downloads\fairy_tail_257.zip 2013-05-28 12:04 - 2013-05-28 12:03 - 08307296 ____A C:\Users\Drenalim\Downloads\fairy_tail_255.zip 2013-05-28 12:04 - 2013-05-28 12:03 - 08275580 ____A C:\Users\Drenalim\Downloads\fairy_tail_256.zip 2013-05-28 11:59 - 2013-05-28 11:58 - 09860239 ____A C:\Users\Drenalim\Downloads\fairy_tail_252.zip 2013-05-28 11:59 - 2013-05-28 11:58 - 09626432 ____A C:\Users\Drenalim\Downloads\fairy_tail_254.zip 2013-05-28 11:59 - 2013-05-28 11:58 - 09096973 ____A C:\Users\Drenalim\Downloads\fairy_tail_253.zip 2013-05-28 11:59 - 2013-05-28 11:58 - 07689842 ____A C:\Users\Drenalim\Downloads\fairy_tail_251.zip 2013-05-28 11:55 - 2013-05-28 11:54 - 09113842 ____A C:\Users\Drenalim\Downloads\fairy_tail_248.zip 2013-05-28 11:55 - 2013-05-28 11:54 - 08964381 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_247.zip 2013-05-28 11:55 - 2013-05-28 11:54 - 08953074 ____A C:\Users\Drenalim\Downloads\fairy_tail_249.zip 2013-05-28 11:55 - 2013-05-28 11:54 - 06769384 ____A C:\Users\Drenalim\Downloads\fairy_tail_250.zip 2013-05-26 19:53 - 2013-05-26 19:51 - 09532690 ____A C:\Users\Drenalim\Downloads\fairy_tail_246.zip 2013-05-26 19:53 - 2013-05-26 19:51 - 09403052 ____A C:\Users\Drenalim\Downloads\fairy_tail_244.zip 2013-05-26 19:52 - 2013-05-26 19:51 - 09277618 ____A C:\Users\Drenalim\Downloads\fairy_tail_243.zip 2013-05-26 19:52 - 2013-05-26 19:51 - 09077516 ____A C:\Users\Drenalim\Downloads\fairy_tail_245.zip 2013-05-26 19:46 - 2013-05-26 19:44 - 11863281 ____A C:\Users\Drenalim\Downloads\fairy_tail_241.zip 2013-05-26 19:46 - 2013-05-26 19:44 - 08960366 ____A C:\Users\Drenalim\Downloads\fairy_tail_242.zip 2013-05-26 19:45 - 2013-05-26 19:44 - 09267573 ____A C:\Users\Drenalim\Downloads\fairy_tail_240.zip 2013-05-26 19:45 - 2013-05-26 19:44 - 08810380 ____A C:\Users\Drenalim\Downloads\fairy_tail_239.zip 2013-05-26 19:39 - 2013-05-26 19:38 - 09900343 ____A C:\Users\Drenalim\Downloads\fairy_tail_237.zip 2013-05-26 19:39 - 2013-05-26 19:38 - 09733445 ____A C:\Users\Drenalim\Downloads\fairy_tail_238.zip 2013-05-26 19:39 - 2013-05-26 19:37 - 10529421 ____A C:\Users\Drenalim\Downloads\fairy_tail_235.zip 2013-05-26 19:39 - 2013-05-26 19:37 - 10290119 ____A C:\Users\Drenalim\Downloads\fairy_tail_236.zip 2013-05-26 19:31 - 2013-05-26 19:30 - 09599149 ____A C:\Users\Drenalim\Downloads\fairy_tail_234.zip 2013-05-26 19:31 - 2013-05-26 19:29 - 11424485 ____A C:\Users\Drenalim\Downloads\fairy_tail_231.zip 2013-05-26 19:31 - 2013-05-26 19:29 - 09447631 ____A C:\Users\Drenalim\Downloads\fairy_tail_233.zip 2013-05-26 19:31 - 2013-05-26 19:29 - 08330068 ____A C:\Users\Drenalim\Downloads\fairy_tail_232.zip 2013-05-26 19:25 - 2013-05-26 19:24 - 10872365 ____A C:\Users\Drenalim\Downloads\fairy_tail_228.zip 2013-05-26 19:25 - 2013-05-26 19:24 - 07707067 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_229.zip 2013-05-26 19:25 - 2013-05-26 19:24 - 07645439 ____A C:\Users\Drenalim\Downloads\fairy_tail_230.zip 2013-05-26 19:24 - 2013-05-26 19:24 - 04239652 ____A C:\Users\Drenalim\Downloads\fairy_tail_227.zip 2013-05-26 19:19 - 2013-05-26 19:18 - 06785814 ____A C:\Users\Drenalim\Downloads\fairy_tail_225.zip 2013-05-26 19:19 - 2013-05-26 19:18 - 05963375 ____A C:\Users\Drenalim\Downloads\fairy_tail_223.zip 2013-05-26 19:19 - 2013-05-26 19:18 - 05503223 ____A C:\Users\Drenalim\Downloads\fairy_tail_224.zip 2013-05-26 19:19 - 2013-05-26 19:18 - 05485110 ____A C:\Users\Drenalim\Downloads\fairy_tail_226.zip 2013-05-26 19:17 - 2013-05-26 19:15 - 09065345 ____A C:\Users\Drenalim\Downloads\fairy_tail_220.zip 2013-05-26 19:16 - 2013-05-26 19:15 - 06666409 ____A C:\Users\Drenalim\Downloads\fairy_tail_221.zip 2013-05-26 19:16 - 2013-05-26 19:15 - 06390146 ____A C:\Users\Drenalim\Downloads\fairy_tail_222.zip 2013-05-26 19:16 - 2013-05-26 19:15 - 06162391 ____A C:\Users\Drenalim\Downloads\fairy_tail_219.zip 2013-05-26 19:13 - 2013-05-26 19:12 - 08167770 ____A C:\Users\Drenalim\Downloads\fairy_tail_217.zip 2013-05-26 19:13 - 2013-05-26 19:12 - 07458831 ____A C:\Users\Drenalim\Downloads\fairy_tail_215.zip 2013-05-26 19:13 - 2013-05-26 19:12 - 06432400 ____A C:\Users\Drenalim\Downloads\fairy_tail_216.zip 2013-05-26 19:13 - 2013-05-26 19:12 - 06247260 ____A C:\Users\Drenalim\Downloads\fairy_tail_218.zip 2013-05-26 19:10 - 2013-05-26 19:09 - 06426956 ____A C:\Users\Drenalim\Downloads\fairy_tail_214.zip 2013-05-26 19:10 - 2013-05-26 19:09 - 06323249 ____A C:\Users\Drenalim\Downloads\fairy_tail_213.zip 2013-05-26 19:09 - 2013-05-26 19:09 - 05085299 ____A C:\Users\Drenalim\Downloads\fairy_tail_211.zip 2013-05-26 19:09 - 2013-05-26 19:09 - 05061505 ____A C:\Users\Drenalim\Downloads\fairy_tail_212.zip 2013-05-26 19:08 - 2013-05-26 19:07 - 08755768 ____A C:\Users\Drenalim\Downloads\fairy_tail_207.zip 2013-05-26 19:08 - 2013-05-26 19:07 - 06435463 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_208.zip 2013-05-26 19:08 - 2013-05-26 19:07 - 06242999 ____A C:\Users\Drenalim\Downloads\fairy_tail_210.zip 2013-05-26 19:08 - 2013-05-26 19:07 - 05178800 ____A C:\Users\Drenalim\Downloads\fairy_tail_209.zip 2013-05-26 19:06 - 2013-05-26 19:05 - 06660638 ____A C:\Users\Drenalim\Downloads\fairy_tail_204.zip 2013-05-26 19:06 - 2013-05-26 19:05 - 06659025 ____A C:\Users\Drenalim\Downloads\fairy_tail_206.zip 2013-05-26 19:06 - 2013-05-26 19:05 - 06498405 ____A C:\Users\Drenalim\Downloads\fairy_tail_205.zip 2013-05-26 19:06 - 2013-05-26 19:05 - 06226733 ____A C:\Users\Drenalim\Downloads\fairy_tail_203.zip 2013-05-26 19:03 - 2013-05-26 19:02 - 08588101 ____A C:\Users\Drenalim\Downloads\fairy_tail_200.zip 2013-05-26 19:03 - 2013-05-26 19:02 - 05752050 ____A C:\Users\Drenalim\Downloads\fairy_tail_201.zip 2013-05-26 19:03 - 2013-05-26 19:02 - 05315240 ____A C:\Users\Drenalim\Downloads\fairy_tail_202.zip 2013-05-26 19:03 - 2013-05-26 19:01 - 06821944 ____A C:\Users\Drenalim\Downloads\fairy_tail_199.zip 2013-05-26 18:19 - 2013-05-26 18:18 - 06785281 ____A C:\Users\Drenalim\Downloads\fairy_tail_196.zip 2013-05-26 18:19 - 2013-05-26 18:18 - 06709143 ____A C:\Users\Drenalim\Downloads\fairy_tail_195.zip 2013-05-26 18:19 - 2013-05-26 18:18 - 06640543 ____A C:\Users\Drenalim\Downloads\fairy_tail_197.zip 2013-05-26 18:19 - 2013-05-26 18:18 - 05686950 ____A C:\Users\Drenalim\Downloads\fairy_tail_198.zip 2013-05-26 18:18 - 2013-05-26 18:16 - 10394585 ____A C:\Users\Drenalim\Downloads\fairy_tail_194.zip 2013-05-26 18:17 - 2013-05-26 18:16 - 06556432 ____A C:\Users\Drenalim\Downloads\fairy_tail_192.zip 2013-05-26 18:17 - 2013-05-26 18:16 - 05439614 ____A C:\Users\Drenalim\Downloads\fairy_tail_191.zip 2013-05-26 18:17 - 2013-05-26 18:16 - 05229800 ____A C:\Users\Drenalim\Downloads\fairy_tail_193.zip 2013-05-26 18:11 - 2013-05-26 18:10 - 05771692 ____A C:\Users\Drenalim\Downloads\fairy_tail_190.zip 2013-05-26 18:11 - 2013-05-26 18:10 - 05314942 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_189.zip 2013-05-26 18:11 - 2013-05-26 18:10 - 04668288 ____A C:\Users\Drenalim\Downloads\fairy_tail_188.zip 2013-05-26 18:09 - 2013-05-26 18:08 - 06153634 ____A C:\Users\Drenalim\Downloads\fairy_tail_187.zip 2013-05-26 18:09 - 2013-05-26 18:08 - 05582268 ____A C:\Users\Drenalim\Downloads\fairy_tail_184.zip 2013-05-26 18:09 - 2013-05-26 18:08 - 05113601 ____A C:\Users\Drenalim\Downloads\fairy_tail_185.zip 2013-05-26 18:09 - 2013-05-26 18:08 - 04739575 ____A C:\Users\Drenalim\Downloads\fairy_tail_186.zip 2013-05-26 18:06 - 2013-05-26 18:05 - 05616527 ____A C:\Users\Drenalim\Downloads\fairy_tail_183.zip 2013-05-26 18:06 - 2013-05-26 18:05 - 05529654 ____A C:\Users\Drenalim\Downloads\fairy_tail_182.zip 2013-05-26 18:05 - 2013-05-26 18:05 - 04957600 ____A C:\Users\Drenalim\Downloads\fairy_tail_181.zip 2013-05-26 18:05 - 2013-05-26 18:05 - 03033347 ____A C:\Users\Drenalim\Downloads\fairy_tail_182.5.zip 2013-05-26 18:00 - 2013-05-26 17:59 - 06195544 ____A C:\Users\Drenalim\Downloads\fairy_tail_179.zip 2013-05-26 18:00 - 2013-05-26 17:59 - 05731409 ____A C:\Users\Drenalim\Downloads\fairy_tail_178.zip 2013-05-26 18:00 - 2013-05-26 17:59 - 05538264 ____A C:\Users\Drenalim\Downloads\fairy_tail_180.zip 2013-05-26 18:00 - 2013-05-26 17:59 - 04836111 ____A C:\Users\Drenalim\Downloads\fairy_tail_177.zip 2013-05-26 17:57 - 2013-05-26 17:56 - 05431147 ____A C:\Users\Drenalim\Downloads\fairy_tail_175.zip 2013-05-26 17:57 - 2013-05-26 17:56 - 05240610 ____A C:\Users\Drenalim\Downloads\fairy_tail_173.zip 2013-05-26 17:57 - 2013-05-26 17:56 - 04440783 ____A C:\Users\Drenalim\Downloads\fairy_tail_174.zip 2013-05-26 17:57 - 2013-05-26 17:56 - 04279654 ____A C:\Users\Drenalim\Downloads\fairy_tail_176.zip 2013-05-26 17:53 - 2013-05-26 17:52 - 04629780 ____A C:\Users\Drenalim\Downloads\fairy_tail_170.zip 2013-05-26 17:53 - 2013-05-26 17:52 - 04597711 ____A C:\Users\Drenalim\Downloads\fairy_tail_171.zip 2013-05-26 17:53 - 2013-05-26 17:52 - 04387189 
____A C:\Users\Drenalim\Downloads\fairy_tail_169.zip
2013-05-26 17:53 - 2013-05-26 17:52 - 04253128 ____A C:\Users\Drenalim\Downloads\fairy_tail_172.zip
2013-05-26 17:48 - 2013-05-26 17:46 - 06141795 ____A C:\Users\Drenalim\Downloads\fairy_tail_168.zip
2013-05-26 17:48 - 2013-05-26 17:46 - 05218850 ____A C:\Users\Drenalim\Downloads\fairy_tail_167.zip
2013-05-26 17:48 - 2013-05-26 17:46 - 04903685 ____A C:\Users\Drenalim\Downloads\fairy_tail_166.zip
2013-05-26 17:47 - 2013-05-26 17:46 - 06673659 ____A C:\Users\Drenalim\Downloads\fairy_tail_165.zip
2013-05-26 17:42 - 2013-05-26 17:41 - 04968191 ____A C:\Users\Drenalim\Downloads\fairy_tail_164.zip

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-06-24 15:44

==================== End Of Log ============================

--- --- --- --- --- ---

Hello,

I have caught Snap.do (I probably clicked 'Next' too quickly in the last program's installer and installed it along with it).

What I have tried:

Removing it under "Control Panel -> Programs and Features -> Uninstall". That did not bring the desired result, though. Every time I start the browser (Chrome), 2 additional Snap.do windows or tabs open.

Deleting all search engine entries except Google.de in the Google Chrome search settings. That did not help either.

I also found this forum via Google, since just yesterday(?) someone had the same problem. So I am also attaching the adwcleaner log file right away. Attachments are in my reply below.

Regards

Edited by Entenmann (25.06.2013 at 15:25) Reason: attachments |
25.06.2013, 14:55 | #2 |
/// the machine /// TB trainer | Remove Snap.do (Win 7 64 Bit)

Hi,

System scan with FRST

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: Start > Computer (right-click) > Properties)
__________________ |
25.06.2013, 15:16 | #3 |
| Remove Snap.do (Win 7 64 Bit)

Here, as a follow-up, are the other attachments.

With GMER I could not access everything - at any rate I regularly got a warning (nothing to do with a rootkit as described in the tutorial), and suddenly I also can no longer close Anti Vir...

Edit: The requested FRST and Addition codes are above in my original question.

Greetz

Edited by Entenmann (25.06.2013 at 15:26) |
25.06.2013, 15:27 | #4 | |
/// the machine /// TB trainer | Remove Snap.do (Win 7 64 Bit)

Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link 1

IMPORTANT - Save Combofix to your desktop

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.

Note: If you receive the following error message after the restart Quote:

__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
25.06.2013, 15:43 | #5 |
| Remove Snap.do (Win 7 64 Bit)

ATTENTION: I could not deactivate Anti Vir, because the following message suddenly appears: "Auf das angegebene Gerät, bzw. den Pfad oder die Datei kann nicht zugegriffen werden. Sie verfügen eventuell nicht über ausreichende Berechtigungen, um auf das Element zugreifen zu können."

I let the scan run anyway, but partway through Anti Vir said that it had blocked something. So the txt may be incomplete.

Code:
ATTFilter ComboFix 13-06-24.01 - Drenalim 25.06.2013 16:36:51.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8147.6149 [GMT 2:00] ausgeführt von:: c:\users\Drenalim\Desktop\ComboFix.exe AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\SysWow64\frapsvid.dll . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-25 bis 2013-06-25 )))))))))))))))))))))))))))))) . . 2013-06-25 14:10 . 2013-06-25 14:10 -------- d-----w- C:\FRST 2013-06-24 14:10 . 2013-06-24 14:10 -------- d-----w- c:\users\Drenalim\AppData\Roaming\TuneUp Software 2013-06-24 14:10 . 2013-06-24 14:10 -------- d-----w- c:\programdata\TuneUp Software 2013-06-24 14:09 . 2013-06-24 14:09 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-06-24 14:09 . 2013-06-24 14:09 -------- d--h--w- c:\programdata\Common Files 2013-06-24 14:09 . 2013-06-24 14:09 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-06-24 14:09 . 2013-06-24 14:09 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite 2013-06-16 18:51 . 2013-06-16 18:51 -------- d-----w- c:\users\Drenalim\AppData\Local\The Witcher 2 2013-06-13 17:44 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-06-10 13:41 . 2013-06-10 13:41 -------- d-----w- c:\program files\iPod 2013-06-10 13:41 . 2013-06-10 13:41 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-10 13:41 . 2013-06-10 13:41 -------- d-----w- c:\program files\iTunes 2013-06-10 13:41 . 2013-06-10 13:41 -------- d-----w- c:\program files (x86)\iTunes . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-13 22:20 . 
2013-02-06 12:01 75825640 ----a-w- c:\windows\system32\MRT.exe 2013-05-03 16:04 . 2013-05-03 16:04 16896 ----a-w- c:\windows\AsTaskSched.dll 2013-05-02 09:14 . 2013-05-02 09:14 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2013-05-01 12:39 . 2013-05-01 12:39 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-05-01 12:39 . 2013-05-01 12:39 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-05-01 12:39 . 2013-05-01 12:39 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-05-01 12:39 . 2013-05-01 12:39 81408 ----a-w- c:\windows\system32\icardie.dll 2013-05-01 12:39 . 2013-05-01 12:39 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-05-01 12:39 . 2013-05-01 12:39 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-05-01 12:39 . 2013-05-01 12:39 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-05-01 12:39 . 2013-05-01 12:39 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-05-01 12:39 . 2013-05-01 12:39 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-05-01 12:39 . 2013-05-01 12:39 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-05-01 12:39 . 2013-05-01 12:39 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-05-01 12:39 . 2013-05-01 12:39 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-05-01 12:39 . 2013-05-01 12:39 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-05-01 12:39 . 2013-05-01 12:39 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-05-01 12:39 . 2013-05-01 12:39 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-05-01 12:39 . 2013-05-01 12:39 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-05-01 12:39 . 2013-05-01 12:39 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-05-01 12:39 . 2013-05-01 12:39 441856 ----a-w- c:\windows\system32\html.iec 2013-05-01 12:39 . 2013-05-01 12:39 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-05-01 12:39 . 2013-05-01 12:39 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-05-01 12:39 . 
2013-05-01 12:39 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-05-01 12:39 . 2013-05-01 12:39 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-05-01 12:39 . 2013-05-01 12:39 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-05-01 12:39 . 2013-05-01 12:39 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-05-01 12:39 . 2013-05-01 12:39 235008 ----a-w- c:\windows\system32\url.dll 2013-05-01 12:39 . 2013-05-01 12:39 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-05-01 12:39 . 2013-05-01 12:39 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-05-01 12:39 . 2013-05-01 12:39 216064 ----a-w- c:\windows\system32\msls31.dll 2013-05-01 12:39 . 2013-05-01 12:39 197120 ----a-w- c:\windows\system32\msrating.dll 2013-05-01 12:39 . 2013-05-01 12:39 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-05-01 12:39 . 2013-05-01 12:39 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-05-01 12:39 . 2013-05-01 12:39 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-05-01 12:39 . 2013-05-01 12:39 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-05-01 12:39 . 2013-05-01 12:39 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-05-01 12:39 . 2013-05-01 12:39 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-05-01 12:39 . 2013-05-01 12:39 149504 ----a-w- c:\windows\system32\occache.dll 2013-05-01 12:39 . 2013-05-01 12:39 144896 ----a-w- c:\windows\system32\wextract.exe 2013-05-01 12:39 . 2013-05-01 12:39 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-05-01 12:39 . 2013-05-01 12:39 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-05-01 12:39 . 2013-05-01 12:39 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-05-01 12:39 . 2013-05-01 12:39 13824 ----a-w- c:\windows\system32\mshta.exe 2013-05-01 12:39 . 2013-05-01 12:39 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-05-01 12:39 . 2013-05-01 12:39 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-05-01 12:39 . 
2013-05-01 12:39 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-05-01 12:39 . 2013-05-01 12:39 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-05-01 12:39 . 2013-05-01 12:39 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-05-01 12:39 . 2013-05-01 12:39 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-05-01 12:39 . 2013-05-01 12:39 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-05-01 12:39 . 2013-05-01 12:39 102912 ----a-w- c:\windows\system32\inseng.dll 2013-05-01 12:38 . 2013-05-01 12:38 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 648192 ----a-w- c:\windows\system32\d3d10level9.dll 2013-05-01 12:38 . 2013-05-01 12:38 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2013-05-01 12:38 . 2013-05-01 12:38 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-05-01 12:38 . 2013-05-01 12:38 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-05-01 12:38 . 2013-05-01 12:38 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-05-01 12:38 . 2013-05-01 12:38 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-05-01 12:38 . 
2013-05-01 12:38 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-05-01 12:38 . 2013-05-01 12:38 363008 ----a-w- c:\windows\system32\dxgi.dll 2013-05-01 12:38 . 2013-05-01 12:38 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2013-05-01 12:38 . 2013-05-01 12:38 333312 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-05-01 12:38 . 2013-05-01 12:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-05-01 12:38 . 2013-05-01 12:38 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2013-05-01 12:38 . 2013-05-01 12:38 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-05-01 12:38 . 2013-05-01 12:38 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2013-05-01 12:38 . 2013-05-01 12:38 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2013-05-01 12:38 . 2013-05-01 12:38 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2013-05-01 12:38 . 2013-05-01 12:38 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll 2013-05-01 12:38 . 2013-05-01 12:38 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll 2013-05-01 12:38 . 
2013-05-01 12:38 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2013-05-01 12:38 . 2013-05-01 12:38 194560 ----a-w- c:\windows\system32\d3d10_1.dll 2013-05-01 12:38 . 2013-05-01 12:38 1682432 ----a-w- c:\windows\system32\XpsPrint.dll 2013-05-01 12:38 . 2013-05-01 12:38 1643520 ----a-w- c:\windows\system32\DWrite.dll 2013-05-01 12:38 . 2013-05-01 12:38 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2013-05-01 12:38 . 2013-05-01 12:38 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll 2013-05-01 12:38 . 2013-05-01 12:38 1238528 ----a-w- c:\windows\system32\d3d10.dll 2013-05-01 12:38 . 2013-05-01 12:38 1175552 ----a-w- c:\windows\system32\FntCache.dll 2013-05-01 12:38 . 2013-05-01 12:38 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2013-05-01 12:38 . 2013-05-01 12:38 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll 2013-05-01 12:38 . 2013-05-01 12:38 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-01 12:38 . 2013-05-01 12:38 293376 ----a-w- c:\windows\SysWow64\dxgi.dll 2013-05-01 12:38 . 2013-05-01 12:38 221184 ----a-w- c:\windows\system32\UIAnimation.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-02 345312] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] "ASUS WiFi GO! FileTransfer Execute"="c:\program files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe" [2012-03-01 1376896] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392] . 
c:\users\Drenalim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ CurseClientStartup.ccip [2013-5-24 0] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . R2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x] S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x] S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x] S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring 
Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - uwlcqkog . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-24 13:53 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28 12:38] . 2013-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28 12:38] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-02-10 6463592] "RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=ds&q={searchTerms}&installDate=24/06/2013 TCP: DhcpNameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\Steam.exe Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe AddRemove-Steam App 203160 - c:\program files (x86)\Steam\steam.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-06-25 16:40:29 ComboFix-quarantined-files.txt 2013-06-25 14:40 . Vor Suchlauf: 10 Verzeichnis(se), 778.570.805.248 Bytes frei Nach Suchlauf: 14 Verzeichnis(se), 778.797.613.056 Bytes frei . 
- - End Of File - - 3027F9054EF28111827084109FFCF0B0 A36C5E4F47E84449FF07ED3517B43A31 |
25.06.2013, 15:54 | #6 |
/// the machine /// TB trainer | Remove Snap.do (Win 7 64 Bit) Please download AdwCleaner to your desktop.
Please close your protection software to avoid possible conflicts.
And a fresh FRST log, please. Is Antivir still acting up? |
25.06.2013, 16:28 | #7 |
| Remove Snap.do (Win 7 64 Bit) Anti Vir could be used after running JRT and then ADWcleaner. Attachments enclosed. |
25.06.2013, 19:09 | #8 |
/// the machine /// TB trainer | Remove Snap.do (Win 7 64 Bit) Please always post logs in the thread. ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
27.06.2013, 14:26 | #9 |
| Remove Snap.do (Win 7 64 Bit) Hello, sorry that my reply took a while, I have been working long hours the last few days. Eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=7753842a8b696c418036200bfe696334 # engine=14167 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-06-27 01:10:05 # local_time=2013-06-27 03:10:05 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 96 8135 237761895 929 0 # compatibility_mode=5893 16776574 66 85 4935060 123968455 0 0 # scanned=400652 # found=1 # cleaned=0 # scan_time=7977 sh=7D85A8A8F04013DFA9E895999CED80D31475C29E ft=1 fh=6ea06a1e9519710f vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\Resident Evil 6\steam_api.dll" Code:
ATTFilter Results of screen317's Security Check version 0.99.68 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 21 Java version out of Date! Adobe Reader XI Google Chrome 27.0.1453.110 Google Chrome 27.0.1453.116 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2013 01 Ran by Drenalim (administrator) on 27-06-2013 15:27:21 Running from C:\Users\Drenalim\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6463592 2012-02-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P [1158248 2012-02-08] (Realtek Semiconductor) HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd) HKCU\...\Policies\system: [DisableRegistryTools] 0 HKCU\...\Policies\system: [DisableTaskMgr] 0 HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1376896 2012-03-01] (ASUSTeK Computer Inc.) 
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.) HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd) HKU\UpdatusUser\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [x] Startup: C:\Users\Drenalim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate} CHR RestoreOnStartup: "https://www.google.com/", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate}", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013" CHR DefaultSearchURL: (Google) - 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Extension: (Google Docs) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Gmail) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) 
================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-02-09] () ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-31] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-31] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-31] (Avira Operations GmbH & Co. 
KG) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-24] (DT Soft Ltd) S3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-27 13:00 - 2013-06-27 13:00 - 00000000 ____D C:\Users\Drenalim\Desktop\bc rich 2013-06-27 12:59 - 2013-06-27 12:59 - 00890988 ____A C:\Users\Drenalim\Downloads\SecurityCheck.exe 2013-06-27 12:59 - 2013-06-27 12:59 - 00890988 ____A C:\Users\Drenalim\Desktop\SecurityCheck.exe 2013-06-27 12:55 - 2013-06-27 12:55 - 02347384 ____A (ESET) C:\Users\Drenalim\Downloads\esetsmartinstaller_enu.exe 2013-06-27 12:55 - 2013-06-27 12:55 - 02347384 ____A (ESET) C:\Users\Drenalim\Desktop\esetsmartinstaller_enu.exe 2013-06-25 17:19 - 2013-06-25 17:19 - 00000628 ____A C:\Users\Drenalim\Desktop\JRT.txt 2013-06-25 17:13 - 2013-06-25 17:14 - 00000979 ____A C:\Users\Drenalim\Desktop\AdwCleaner[S3].txt 2013-06-25 17:11 - 2013-06-25 17:17 - 00000000 ____D C:\JRT 2013-06-25 17:11 - 2013-06-25 17:11 - 00000000 ____D C:\Windows\ERUNT 2013-06-25 17:10 - 2013-06-25 17:10 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Drenalim\Downloads\JRT.exe 2013-06-25 17:10 - 2013-06-25 17:10 - 00545954 ____A (Oleg N. 
Scherbakov) C:\Users\Drenalim\Desktop\JRT.exe 2013-06-25 16:40 - 2013-06-25 16:40 - 00023153 ____A C:\ComboFix.txt 2013-06-25 16:35 - 2013-06-25 16:40 - 00000000 ____D C:\Qoobox 2013-06-25 16:35 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe 2013-06-25 16:35 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe 2013-06-25 16:35 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe 2013-06-25 16:34 - 2013-06-25 16:39 - 00000000 ____D C:\Windows\erdnt 2013-06-25 16:33 - 2013-06-25 16:33 - 05082330 ____R (Swearware) C:\Users\Drenalim\Desktop\ComboFix.exe 2013-06-25 16:33 - 2013-06-25 16:33 - 05082330 ____A (Swearware) C:\Users\Drenalim\Downloads\ComboFix.exe 2013-06-25 16:10 - 2013-06-25 16:10 - 00000000 ____D C:\FRST 2013-06-25 16:10 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Desktop\FRST64.exe 2013-06-25 16:09 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Downloads\FRST64.exe 2013-06-25 15:58 - 2013-06-25 15:59 - 00000920 ____A C:\AdwCleaner[S2].txt 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Downloads\gmer_2.1.19163.exe 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Desktop\gmer_2.1.19163.exe 2013-06-25 15:34 - 2013-06-25 15:34 - 00602112 ____A (OldTimer Tools) C:\Users\Drenalim\Desktop\OTL.exe 2013-06-25 15:26 - 2013-06-25 15:26 - 00002163 ____A C:\AdwCleaner[S1].txt 2013-06-25 15:25 - 2013-06-25 15:25 - 00648201 ____A C:\Users\Drenalim\Desktop\adwcleaner2303.exe 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\TuneUp Software 2013-06-24 
16:10 - 2013-06-24 16:10 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-06-24 16:09 - 2013-06-24 16:09 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-06-20 00:45 - 2013-06-20 00:46 - 40323433 ____A C:\Users\Drenalim\Downloads\QOTSA.zip 2013-06-20 00:20 - 2013-06-20 01:33 - 00000000 ____D C:\Users\Drenalim\Desktop\Queens of the Stoneage 2013-06-19 23:58 - 2013-06-20 00:07 - 00000000 ____D C:\Users\Drenalim\Desktop\otl, extras, gmer 2013-06-19 23:51 - 2013-06-19 23:53 - 00000000 ____D C:\Users\Drenalim\Desktop\Sony 2013-06-18 21:45 - 2013-06-18 21:45 - 00000000 ____D C:\Users\Drenalim\Downloads\Turkish_mixed 2013-06-18 20:45 - 2013-06-18 20:45 - 00000000 ____D C:\Users\Drenalim\Downloads\orhasesmok 2013-06-18 20:24 - 2013-06-18 21:16 - 225034551 ____A C:\Users\Drenalim\Downloads\Turkish_mixed.rar 2013-06-18 19:11 - 2013-06-18 19:11 - 00000000 ____D C:\Users\Drenalim\Desktop\items 2013-06-18 12:45 - 2013-06-18 12:45 - 00000000 ____D C:\Users\Drenalim\Downloads\xen01 2013-06-16 21:07 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-16 21:07 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-16 21:07 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-16 21:07 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-16 21:07 - 
2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-16 21:07 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-16 20:51 - 2013-06-18 21:48 - 00000000 ____D C:\Users\Drenalim\Documents\Witcher 2 2013-06-16 20:51 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\AppData\Local\The Witcher 2 2013-06-16 20:47 - 2013-06-16 20:48 - 00624648 ____A C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch.zip 2013-06-16 17:34 - 2013-06-16 17:34 - 00617312 ____A (www.download-sponsor.de) C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch_NCDownloader.exe 2013-06-16 17:25 - 2013-06-16 17:25 - 00000201 ____A C:\Users\Drenalim\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url 2013-06-14 00:19 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-14 00:19 - 2013-05-17 
02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-14 00:19 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-14 00:19 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-14 00:19 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-14 00:19 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-13 19:44 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-13 19:44 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-13 19:44 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-13 19:44 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-13 19:44 - 2013-05-13 05:43 - 
01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-13 19:44 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-13 19:44 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-13 19:44 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-13 19:44 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-13 19:44 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-13 19:44 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-13 19:44 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-13 19:44 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-13 19:44 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-13 19:44 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-13 19:44 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iTunes 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iPod 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-05-31 13:55 - 2013-05-31 13:57 - 00000000 ____D C:\Users\Drenalim\Desktop\iphone 31.05 2013-05-31 11:22 - 2013-05-31 11:23 - 00000000 ____D C:\Users\Drenalim\Desktop\Top100 2013-05-30 22:14 - 2013-05-30 22:14 - 00000000 ____D C:\Users\Drenalim\Downloads\Battle Angel Alita 2013-05-28 12:59 - 2013-05-28 13:02 - 17494653 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_322.zip 2013-05-28 12:59 - 2013-05-28 13:01 - 11192702 ____A C:\Users\Drenalim\Downloads\fairy_tail_319.zip 2013-05-28 12:59 - 2013-05-28 13:01 - 10662310 ____A C:\Users\Drenalim\Downloads\fairy_tail_320.zip 2013-05-28 12:59 - 2013-05-28 13:01 - 09851850 ____A C:\Users\Drenalim\Downloads\fairy_tail_321.zip 2013-05-28 12:57 - 2013-05-28 12:59 - 11184758 ____A C:\Users\Drenalim\Downloads\fairy_tail_318.zip 2013-05-28 12:57 - 2013-05-28 12:59 - 11035501 ____A C:\Users\Drenalim\Downloads\fairy_tail_315.zip 2013-05-28 12:57 - 2013-05-28 12:58 - 10161981 ____A C:\Users\Drenalim\Downloads\fairy_tail_316.zip 2013-05-28 12:57 - 2013-05-28 12:58 - 09821258 ____A C:\Users\Drenalim\Downloads\fairy_tail_317.zip 2013-05-28 12:54 - 2013-05-28 12:56 - 13290768 ____A C:\Users\Drenalim\Downloads\fairy_tail_312.zip 2013-05-28 12:54 - 2013-05-28 12:56 - 10883220 ____A C:\Users\Drenalim\Downloads\fairy_tail_314.zip 2013-05-28 12:54 - 2013-05-28 12:55 - 09679402 ____A C:\Users\Drenalim\Downloads\fairy_tail_313.zip 2013-05-28 12:54 - 2013-05-28 12:55 - 09542024 ____A C:\Users\Drenalim\Downloads\fairy_tail_311.zip 2013-05-28 12:52 - 2013-05-28 12:54 - 10743801 ____A C:\Users\Drenalim\Downloads\fairy_tail_307.zip 2013-05-28 12:52 - 2013-05-28 12:54 - 09885327 ____A C:\Users\Drenalim\Downloads\fairy_tail_308.zip 2013-05-28 12:52 - 2013-05-28 12:54 - 09337082 ____A C:\Users\Drenalim\Downloads\fairy_tail_310.zip 2013-05-28 12:52 - 2013-05-28 12:54 - 08750327 ____A C:\Users\Drenalim\Downloads\fairy_tail_309.zip 2013-05-28 12:47 - 2013-05-28 12:48 - 10095821 ____A C:\Users\Drenalim\Downloads\fairy_tail_306.zip 2013-05-28 12:47 - 2013-05-28 12:48 - 09900564 ____A C:\Users\Drenalim\Downloads\fairy_tail_305.zip 2013-05-28 12:47 - 2013-05-28 12:48 - 09537966 ____A C:\Users\Drenalim\Downloads\fairy_tail_304.zip 2013-05-28 12:47 - 2013-05-28 12:48 - 08598684 ____A C:\Users\Drenalim\Downloads\fairy_tail_303.zip 2013-05-28 12:45 - 2013-05-28 12:47 - 11010760 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_299.zip 2013-05-28 12:45 - 2013-05-28 12:46 - 10112162 ____A C:\Users\Drenalim\Downloads\fairy_tail_300.zip 2013-05-28 12:45 - 2013-05-28 12:46 - 09745158 ____A C:\Users\Drenalim\Downloads\fairy_tail_302.zip 2013-05-28 12:45 - 2013-05-28 12:46 - 09541797 ____A C:\Users\Drenalim\Downloads\fairy_tail_301.zip 2013-05-28 12:40 - 2013-05-28 12:42 - 13727892 ____A C:\Users\Drenalim\Downloads\fairy_tail_295.zip 2013-05-28 12:40 - 2013-05-28 12:42 - 11042799 ____A C:\Users\Drenalim\Downloads\fairy_tail_296.zip 2013-05-28 12:40 - 2013-05-28 12:42 - 10931657 ____A C:\Users\Drenalim\Downloads\fairy_tail_298.zip 2013-05-28 12:40 - 2013-05-28 12:42 - 10143891 ____A C:\Users\Drenalim\Downloads\fairy_tail_297.zip 2013-05-28 12:35 - 2013-05-28 12:37 - 15762255 ____A C:\Users\Drenalim\Downloads\fairy_tail_294.zip 2013-05-28 12:35 - 2013-05-28 12:37 - 12303084 ____A C:\Users\Drenalim\Downloads\fairy_tail_291.zip 2013-05-28 12:35 - 2013-05-28 12:36 - 09094292 ____A C:\Users\Drenalim\Downloads\fairy_tail_292.zip 2013-05-28 12:35 - 2013-05-28 12:36 - 08983579 ____A C:\Users\Drenalim\Downloads\fairy_tail_293.zip 2013-05-28 12:32 - 2013-05-28 12:33 - 09456982 ____A C:\Users\Drenalim\Downloads\fairy_tail_287.zip 2013-05-28 12:32 - 2013-05-28 12:33 - 08527885 ____A C:\Users\Drenalim\Downloads\fairy_tail_288.zip 2013-05-28 12:32 - 2013-05-28 12:33 - 08496045 ____A C:\Users\Drenalim\Downloads\fairy_tail_290.zip 2013-05-28 12:32 - 2013-05-28 12:33 - 07954078 ____A C:\Users\Drenalim\Downloads\fairy_tail_289.zip 2013-05-28 12:27 - 2013-05-28 12:28 - 08356739 ____A C:\Users\Drenalim\Downloads\fairy_tail_285.zip 2013-05-28 12:27 - 2013-05-28 12:28 - 07268357 ____A C:\Users\Drenalim\Downloads\fairy_tail_286.zip 2013-05-28 12:26 - 2013-05-28 12:28 - 07732548 ____A C:\Users\Drenalim\Downloads\fairy_tail_283.zip 2013-05-28 12:26 - 2013-05-28 12:28 - 07599022 ____A C:\Users\Drenalim\Downloads\fairy_tail_284.zip 2013-05-28 12:22 - 2013-05-28 12:24 - 08880350 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_279.zip 2013-05-28 12:22 - 2013-05-28 12:24 - 08355404 ____A C:\Users\Drenalim\Downloads\fairy_tail_282.zip 2013-05-28 12:22 - 2013-05-28 12:24 - 07737961 ____A C:\Users\Drenalim\Downloads\fairy_tail_281.zip 2013-05-28 12:22 - 2013-05-28 12:23 - 07256018 ____A C:\Users\Drenalim\Downloads\fairy_tail_280.zip 2013-05-28 12:20 - 2013-05-28 12:21 - 08529176 ____A C:\Users\Drenalim\Downloads\fairy_tail_278.zip 2013-05-28 12:20 - 2013-05-28 12:21 - 06681535 ____A C:\Users\Drenalim\Downloads\fairy_tail_276.zip 2013-05-28 12:20 - 2013-05-28 12:21 - 06515855 ____A C:\Users\Drenalim\Downloads\fairy_tail_275.zip 2013-05-28 12:20 - 2013-05-28 12:21 - 05910571 ____A C:\Users\Drenalim\Downloads\fairy_tail_277.zip 2013-05-28 12:15 - 2013-05-28 12:17 - 06923232 ____A C:\Users\Drenalim\Downloads\fairy_tail_271.zip 2013-05-28 12:15 - 2013-05-28 12:17 - 06893552 ____A C:\Users\Drenalim\Downloads\fairy_tail_272.zip 2013-05-28 12:15 - 2013-05-28 12:17 - 06628564 ____A C:\Users\Drenalim\Downloads\fairy_tail_273.zip 2013-05-28 12:15 - 2013-05-28 12:17 - 06594431 ____A C:\Users\Drenalim\Downloads\fairy_tail_274.zip 2013-05-28 12:14 - 2013-05-28 12:15 - 09088739 ____A C:\Users\Drenalim\Downloads\fairy_tail_269.zip 2013-05-28 12:14 - 2013-05-28 12:15 - 08889900 ____A C:\Users\Drenalim\Downloads\fairy_tail_270.zip 2013-05-28 12:14 - 2013-05-28 12:15 - 07328724 ____A C:\Users\Drenalim\Downloads\fairy_tail_267.zip 2013-05-28 12:14 - 2013-05-28 12:15 - 06576113 ____A C:\Users\Drenalim\Downloads\fairy_tail_268.zip 2013-05-28 12:12 - 2013-05-28 12:13 - 09591499 ____A C:\Users\Drenalim\Downloads\fairy_tail_264.zip 2013-05-28 12:12 - 2013-05-28 12:13 - 09011613 ____A C:\Users\Drenalim\Downloads\fairy_tail_265.zip 2013-05-28 12:12 - 2013-05-28 12:13 - 08370337 ____A C:\Users\Drenalim\Downloads\fairy_tail_266.zip 2013-05-28 12:12 - 2013-05-28 12:13 - 07121416 ____A C:\Users\Drenalim\Downloads\fairy_tail_263.zip 2013-05-28 12:07 - 2013-05-28 12:09 - 10252117 ____A 
C:\Users\Drenalim\Downloads\fairy_tail_259.zip 2013-05-28 12:07 - 2013-05-28 12:09 - 08923937 ____A C:\Users\Drenalim\Downloads\fairy_tail_261.zip 2013-05-28 12:07 - 2013-05-28 12:09 - 08095716 ____A C:\Users\Drenalim\Downloads\fairy_tail_260.zip 2013-05-28 12:07 - 2013-05-28 12:09 - 07686716 ____A C:\Users\Drenalim\Downloads\fairy_tail_262.zip 2013-05-28 12:03 - 2013-05-28 12:04 - 09427506 ____A C:\Users\Drenalim\Downloads\fairy_tail_258.zip 2013-05-28 12:03 - 2013-05-28 12:04 - 09083243 ____A C:\Users\Drenalim\Downloads\fairy_tail_257.zip 2013-05-28 12:03 - 2013-05-28 12:04 - 08307296 ____A C:\Users\Drenalim\Downloads\fairy_tail_255.zip 2013-05-28 12:03 - 2013-05-28 12:04 - 08275580 ____A C:\Users\Drenalim\Downloads\fairy_tail_256.zip 2013-05-28 11:58 - 2013-05-28 11:59 - 09860239 ____A C:\Users\Drenalim\Downloads\fairy_tail_252.zip 2013-05-28 11:58 - 2013-05-28 11:59 - 09626432 ____A C:\Users\Drenalim\Downloads\fairy_tail_254.zip 2013-05-28 11:58 - 2013-05-28 11:59 - 09096973 ____A C:\Users\Drenalim\Downloads\fairy_tail_253.zip 2013-05-28 11:58 - 2013-05-28 11:59 - 07689842 ____A C:\Users\Drenalim\Downloads\fairy_tail_251.zip 2013-05-28 11:54 - 2013-05-28 11:55 - 09113842 ____A C:\Users\Drenalim\Downloads\fairy_tail_248.zip 2013-05-28 11:54 - 2013-05-28 11:55 - 08964381 ____A C:\Users\Drenalim\Downloads\fairy_tail_247.zip 2013-05-28 11:54 - 2013-05-28 11:55 - 08953074 ____A C:\Users\Drenalim\Downloads\fairy_tail_249.zip 2013-05-28 11:54 - 2013-05-28 11:55 - 06769384 ____A C:\Users\Drenalim\Downloads\fairy_tail_250.zip ==================== One Month Modified Files and Folders ======= 2013-06-27 15:19 - 2013-01-28 14:21 - 01052944 ____A C:\Windows\WindowsUpdate.log 2013-06-27 14:53 - 2013-01-28 14:38 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-27 13:00 - 2013-06-27 13:00 - 00000000 ____D C:\Users\Drenalim\Desktop\bc rich 2013-06-27 12:59 - 2013-06-27 12:59 - 00890988 ____A C:\Users\Drenalim\Downloads\SecurityCheck.exe 2013-06-27 12:59 - 
2013-06-27 12:59 - 00890988 ____A C:\Users\Drenalim\Desktop\SecurityCheck.exe 2013-06-27 12:56 - 2009-07-14 06:45 - 00014800 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-27 12:56 - 2009-07-14 06:45 - 00014800 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-27 12:55 - 2013-06-27 12:55 - 02347384 ____A (ESET) C:\Users\Drenalim\Downloads\esetsmartinstaller_enu.exe 2013-06-27 12:55 - 2013-06-27 12:55 - 02347384 ____A (ESET) C:\Users\Drenalim\Desktop\esetsmartinstaller_enu.exe 2013-06-27 12:55 - 2009-07-14 19:58 - 00653928 ____A C:\Windows\System32\perfh007.dat 2013-06-27 12:55 - 2009-07-14 19:58 - 00129800 ____A C:\Windows\System32\perfc007.dat 2013-06-27 12:55 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-27 12:54 - 2013-05-02 11:14 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys 2013-06-27 12:53 - 2013-01-28 14:38 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-27 12:49 - 2013-01-28 14:37 - 00000000 ____D C:\Users\Drenalim\AppData\Local\Deployment 2013-06-27 12:48 - 2013-02-16 14:35 - 00000000 ____D C:\Users\Drenalim\AppData\Local\TSVNCache 2013-06-27 12:48 - 2013-01-28 14:34 - 00000000 ____D C:\ProgramData\NVIDIA 2013-06-27 12:48 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-27 12:48 - 2009-07-14 06:51 - 00037965 ____A C:\Windows\setupact.log 2013-06-25 17:19 - 2013-06-25 17:19 - 00000628 ____A C:\Users\Drenalim\Desktop\JRT.txt 2013-06-25 17:17 - 2013-06-25 17:11 - 00000000 ____D C:\JRT 2013-06-25 17:15 - 2013-01-28 14:37 - 00000000 ____D C:\Users\Drenalim\AppData\Local\Apps\2.0 2013-06-25 17:14 - 2013-06-25 17:13 - 00000979 ____A C:\Users\Drenalim\Desktop\AdwCleaner[S3].txt 2013-06-25 17:14 - 2013-01-28 14:45 - 00101474 ____A C:\Windows\PFRO.log 2013-06-25 17:11 - 2013-06-25 17:11 - 00000000 ____D 
C:\Windows\ERUNT 2013-06-25 17:10 - 2013-06-25 17:10 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Drenalim\Downloads\JRT.exe 2013-06-25 17:10 - 2013-06-25 17:10 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Drenalim\Desktop\JRT.exe 2013-06-25 16:40 - 2013-06-25 16:40 - 00023153 ____A C:\ComboFix.txt 2013-06-25 16:40 - 2013-06-25 16:35 - 00000000 ____D C:\Qoobox 2013-06-25 16:40 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default 2013-06-25 16:39 - 2013-06-25 16:34 - 00000000 ____D C:\Windows\erdnt 2013-06-25 16:39 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini 2013-06-25 16:33 - 2013-06-25 16:33 - 05082330 ____R (Swearware) C:\Users\Drenalim\Desktop\ComboFix.exe 2013-06-25 16:33 - 2013-06-25 16:33 - 05082330 ____A (Swearware) C:\Users\Drenalim\Downloads\ComboFix.exe 2013-06-25 16:10 - 2013-06-25 16:10 - 00000000 ____D C:\FRST 2013-06-25 16:09 - 2013-06-25 16:10 - 01931854 ____A (Farbar) C:\Users\Drenalim\Desktop\FRST64.exe 2013-06-25 16:09 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Downloads\FRST64.exe 2013-06-25 15:59 - 2013-06-25 15:58 - 00000920 ____A C:\AdwCleaner[S2].txt 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Downloads\gmer_2.1.19163.exe 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Desktop\gmer_2.1.19163.exe 2013-06-25 15:34 - 2013-06-25 15:34 - 00602112 ____A (OldTimer Tools) C:\Users\Drenalim\Desktop\OTL.exe 2013-06-25 15:26 - 2013-06-25 15:26 - 00002163 ____A C:\AdwCleaner[S1].txt 2013-06-25 15:25 - 2013-06-25 15:25 - 00648201 ____A C:\Users\Drenalim\Desktop\adwcleaner2303.exe 2013-06-25 15:17 - 2013-03-19 17:51 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\Notepad++ 2013-06-25 15:17 - 2013-03-19 17:51 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\TuneUp Software 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-06-24 16:09 - 
2013-06-24 16:09 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-06-20 01:33 - 2013-06-20 00:20 - 00000000 ____D C:\Users\Drenalim\Desktop\Queens of the Stoneage 2013-06-20 00:46 - 2013-06-20 00:45 - 40323433 ____A C:\Users\Drenalim\Downloads\QOTSA.zip 2013-06-20 00:07 - 2013-06-19 23:58 - 00000000 ____D C:\Users\Drenalim\Desktop\otl, extras, gmer 2013-06-19 23:53 - 2013-06-19 23:51 - 00000000 ____D C:\Users\Drenalim\Desktop\Sony 2013-06-18 21:48 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\Documents\Witcher 2 2013-06-18 21:45 - 2013-06-18 21:45 - 00000000 ____D C:\Users\Drenalim\Downloads\Turkish_mixed 2013-06-18 21:16 - 2013-06-18 20:24 - 225034551 ____A C:\Users\Drenalim\Downloads\Turkish_mixed.rar 2013-06-18 20:45 - 2013-06-18 20:45 - 00000000 ____D C:\Users\Drenalim\Downloads\orhasesmok 2013-06-18 19:11 - 2013-06-18 19:11 - 00000000 ____D C:\Users\Drenalim\Desktop\items 2013-06-18 12:45 - 2013-06-18 12:45 - 00000000 ____D C:\Users\Drenalim\Downloads\xen01 2013-06-16 20:51 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\AppData\Local\The Witcher 2 2013-06-16 20:51 - 2013-02-09 13:42 - 00102484 ____A C:\Windows\DirectX.log 2013-06-16 20:48 - 2013-06-16 20:47 - 00624648 ____A C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch.zip 2013-06-16 18:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-06-16 17:34 - 2013-06-16 17:34 - 00617312 ____A (www.download-sponsor.de) C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch_NCDownloader.exe 2013-06-16 17:25 - 2013-06-16 17:25 - 00000201 ____A C:\Users\Drenalim\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url 2013-06-14 00:20 - 2013-02-06 14:01 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-10 22:18 - 2013-04-02 17:59 - 00000000 
____D C:\Users\Drenalim\AppData\Roaming\TS3Client 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iTunes 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iPod 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-08 16:08 - 2013-06-16 21:07 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-08 16:07 - 2013-06-16 21:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-08 14:28 - 2013-06-16 21:07 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-08 13:42 - 2013-06-16 21:07 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-08 13:13 - 2013-06-16 21:07 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-05 17:37 - 2013-05-20 23:07 - 00000000 ____D C:\Users\Drenalim\Downloads\fairy tail 2013-05-31 13:57 - 2013-05-31 13:55 - 00000000 ____D C:\Users\Drenalim\Desktop\iphone 31.05 2013-05-31 11:23 - 2013-05-31 11:22 - 00000000 ____D C:\Users\Drenalim\Desktop\Top100 2013-05-30 22:14 - 2013-05-30 22:14 - 
00000000 ____D C:\Users\Drenalim\Downloads\Battle Angel Alita 2013-05-28 13:02 - 2013-05-28 12:59 - 17494653 ____A C:\Users\Drenalim\Downloads\fairy_tail_322.zip 2013-05-28 13:01 - 2013-05-28 12:59 - 11192702 ____A C:\Users\Drenalim\Downloads\fairy_tail_319.zip 2013-05-28 13:01 - 2013-05-28 12:59 - 10662310 ____A C:\Users\Drenalim\Downloads\fairy_tail_320.zip 2013-05-28 13:01 - 2013-05-28 12:59 - 09851850 ____A C:\Users\Drenalim\Downloads\fairy_tail_321.zip 2013-05-28 12:59 - 2013-05-28 12:57 - 11184758 ____A C:\Users\Drenalim\Downloads\fairy_tail_318.zip 2013-05-28 12:59 - 2013-05-28 12:57 - 11035501 ____A C:\Users\Drenalim\Downloads\fairy_tail_315.zip 2013-05-28 12:58 - 2013-05-28 12:57 - 10161981 ____A C:\Users\Drenalim\Downloads\fairy_tail_316.zip 2013-05-28 12:58 - 2013-05-28 12:57 - 09821258 ____A C:\Users\Drenalim\Downloads\fairy_tail_317.zip 2013-05-28 12:56 - 2013-05-28 12:54 - 13290768 ____A C:\Users\Drenalim\Downloads\fairy_tail_312.zip 2013-05-28 12:56 - 2013-05-28 12:54 - 10883220 ____A C:\Users\Drenalim\Downloads\fairy_tail_314.zip 2013-05-28 12:55 - 2013-05-28 12:54 - 09679402 ____A C:\Users\Drenalim\Downloads\fairy_tail_313.zip 2013-05-28 12:55 - 2013-05-28 12:54 - 09542024 ____A C:\Users\Drenalim\Downloads\fairy_tail_311.zip 2013-05-28 12:54 - 2013-05-28 12:52 - 10743801 ____A C:\Users\Drenalim\Downloads\fairy_tail_307.zip 2013-05-28 12:54 - 2013-05-28 12:52 - 09885327 ____A C:\Users\Drenalim\Downloads\fairy_tail_308.zip 2013-05-28 12:54 - 2013-05-28 12:52 - 09337082 ____A C:\Users\Drenalim\Downloads\fairy_tail_310.zip 2013-05-28 12:54 - 2013-05-28 12:52 - 08750327 ____A C:\Users\Drenalim\Downloads\fairy_tail_309.zip 2013-05-28 12:48 - 2013-05-28 12:47 - 10095821 ____A C:\Users\Drenalim\Downloads\fairy_tail_306.zip 2013-05-28 12:48 - 2013-05-28 12:47 - 09900564 ____A C:\Users\Drenalim\Downloads\fairy_tail_305.zip 2013-05-28 12:48 - 2013-05-28 12:47 - 09537966 ____A C:\Users\Drenalim\Downloads\fairy_tail_304.zip 2013-05-28 12:48 - 2013-05-28 12:47 - 
08598684 ____A C:\Users\Drenalim\Downloads\fairy_tail_303.zip 2013-05-28 12:47 - 2013-05-28 12:45 - 11010760 ____A C:\Users\Drenalim\Downloads\fairy_tail_299.zip 2013-05-28 12:46 - 2013-05-28 12:45 - 10112162 ____A C:\Users\Drenalim\Downloads\fairy_tail_300.zip 2013-05-28 12:46 - 2013-05-28 12:45 - 09745158 ____A C:\Users\Drenalim\Downloads\fairy_tail_302.zip 2013-05-28 12:46 - 2013-05-28 12:45 - 09541797 ____A C:\Users\Drenalim\Downloads\fairy_tail_301.zip 2013-05-28 12:42 - 2013-05-28 12:40 - 13727892 ____A C:\Users\Drenalim\Downloads\fairy_tail_295.zip 2013-05-28 12:42 - 2013-05-28 12:40 - 11042799 ____A C:\Users\Drenalim\Downloads\fairy_tail_296.zip 2013-05-28 12:42 - 2013-05-28 12:40 - 10931657 ____A C:\Users\Drenalim\Downloads\fairy_tail_298.zip 2013-05-28 12:42 - 2013-05-28 12:40 - 10143891 ____A C:\Users\Drenalim\Downloads\fairy_tail_297.zip 2013-05-28 12:37 - 2013-05-28 12:35 - 15762255 ____A C:\Users\Drenalim\Downloads\fairy_tail_294.zip 2013-05-28 12:37 - 2013-05-28 12:35 - 12303084 ____A C:\Users\Drenalim\Downloads\fairy_tail_291.zip 2013-05-28 12:36 - 2013-05-28 12:35 - 09094292 ____A C:\Users\Drenalim\Downloads\fairy_tail_292.zip 2013-05-28 12:36 - 2013-05-28 12:35 - 08983579 ____A C:\Users\Drenalim\Downloads\fairy_tail_293.zip 2013-05-28 12:33 - 2013-05-28 12:32 - 09456982 ____A C:\Users\Drenalim\Downloads\fairy_tail_287.zip 2013-05-28 12:33 - 2013-05-28 12:32 - 08527885 ____A C:\Users\Drenalim\Downloads\fairy_tail_288.zip 2013-05-28 12:33 - 2013-05-28 12:32 - 08496045 ____A C:\Users\Drenalim\Downloads\fairy_tail_290.zip 2013-05-28 12:33 - 2013-05-28 12:32 - 07954078 ____A C:\Users\Drenalim\Downloads\fairy_tail_289.zip 2013-05-28 12:28 - 2013-05-28 12:27 - 08356739 ____A C:\Users\Drenalim\Downloads\fairy_tail_285.zip 2013-05-28 12:28 - 2013-05-28 12:27 - 07268357 ____A C:\Users\Drenalim\Downloads\fairy_tail_286.zip 2013-05-28 12:28 - 2013-05-28 12:26 - 07732548 ____A C:\Users\Drenalim\Downloads\fairy_tail_283.zip 2013-05-28 12:28 - 2013-05-28 12:26 - 
07599022 ____A C:\Users\Drenalim\Downloads\fairy_tail_284.zip 2013-05-28 12:24 - 2013-05-28 12:22 - 08880350 ____A C:\Users\Drenalim\Downloads\fairy_tail_279.zip 2013-05-28 12:24 - 2013-05-28 12:22 - 08355404 ____A C:\Users\Drenalim\Downloads\fairy_tail_282.zip 2013-05-28 12:24 - 2013-05-28 12:22 - 07737961 ____A C:\Users\Drenalim\Downloads\fairy_tail_281.zip 2013-05-28 12:23 - 2013-05-28 12:22 - 07256018 ____A C:\Users\Drenalim\Downloads\fairy_tail_280.zip 2013-05-28 12:21 - 2013-05-28 12:20 - 08529176 ____A C:\Users\Drenalim\Downloads\fairy_tail_278.zip 2013-05-28 12:21 - 2013-05-28 12:20 - 06681535 ____A C:\Users\Drenalim\Downloads\fairy_tail_276.zip 2013-05-28 12:21 - 2013-05-28 12:20 - 06515855 ____A C:\Users\Drenalim\Downloads\fairy_tail_275.zip 2013-05-28 12:21 - 2013-05-28 12:20 - 05910571 ____A C:\Users\Drenalim\Downloads\fairy_tail_277.zip 2013-05-28 12:17 - 2013-05-28 12:15 - 06923232 ____A C:\Users\Drenalim\Downloads\fairy_tail_271.zip 2013-05-28 12:17 - 2013-05-28 12:15 - 06893552 ____A C:\Users\Drenalim\Downloads\fairy_tail_272.zip 2013-05-28 12:17 - 2013-05-28 12:15 - 06628564 ____A C:\Users\Drenalim\Downloads\fairy_tail_273.zip 2013-05-28 12:17 - 2013-05-28 12:15 - 06594431 ____A C:\Users\Drenalim\Downloads\fairy_tail_274.zip 2013-05-28 12:15 - 2013-05-28 12:14 - 09088739 ____A C:\Users\Drenalim\Downloads\fairy_tail_269.zip 2013-05-28 12:15 - 2013-05-28 12:14 - 08889900 ____A C:\Users\Drenalim\Downloads\fairy_tail_270.zip 2013-05-28 12:15 - 2013-05-28 12:14 - 07328724 ____A C:\Users\Drenalim\Downloads\fairy_tail_267.zip 2013-05-28 12:15 - 2013-05-28 12:14 - 06576113 ____A C:\Users\Drenalim\Downloads\fairy_tail_268.zip 2013-05-28 12:13 - 2013-05-28 12:12 - 09591499 ____A C:\Users\Drenalim\Downloads\fairy_tail_264.zip 2013-05-28 12:13 - 2013-05-28 12:12 - 09011613 ____A C:\Users\Drenalim\Downloads\fairy_tail_265.zip 2013-05-28 12:13 - 2013-05-28 12:12 - 08370337 ____A C:\Users\Drenalim\Downloads\fairy_tail_266.zip 2013-05-28 12:13 - 2013-05-28 12:12 - 
07121416 ____A C:\Users\Drenalim\Downloads\fairy_tail_263.zip 2013-05-28 12:09 - 2013-05-28 12:07 - 10252117 ____A C:\Users\Drenalim\Downloads\fairy_tail_259.zip 2013-05-28 12:09 - 2013-05-28 12:07 - 08923937 ____A C:\Users\Drenalim\Downloads\fairy_tail_261.zip 2013-05-28 12:09 - 2013-05-28 12:07 - 08095716 ____A C:\Users\Drenalim\Downloads\fairy_tail_260.zip 2013-05-28 12:09 - 2013-05-28 12:07 - 07686716 ____A C:\Users\Drenalim\Downloads\fairy_tail_262.zip 2013-05-28 12:04 - 2013-05-28 12:03 - 09427506 ____A C:\Users\Drenalim\Downloads\fairy_tail_258.zip 2013-05-28 12:04 - 2013-05-28 12:03 - 09083243 ____A C:\Users\Drenalim\Downloads\fairy_tail_257.zip 2013-05-28 12:04 - 2013-05-28 12:03 - 08307296 ____A C:\Users\Drenalim\Downloads\fairy_tail_255.zip 2013-05-28 12:04 - 2013-05-28 12:03 - 08275580 ____A C:\Users\Drenalim\Downloads\fairy_tail_256.zip 2013-05-28 11:59 - 2013-05-28 11:58 - 09860239 ____A C:\Users\Drenalim\Downloads\fairy_tail_252.zip 2013-05-28 11:59 - 2013-05-28 11:58 - 09626432 ____A C:\Users\Drenalim\Downloads\fairy_tail_254.zip 2013-05-28 11:59 - 2013-05-28 11:58 - 09096973 ____A C:\Users\Drenalim\Downloads\fairy_tail_253.zip 2013-05-28 11:59 - 2013-05-28 11:58 - 07689842 ____A C:\Users\Drenalim\Downloads\fairy_tail_251.zip 2013-05-28 11:55 - 2013-05-28 11:54 - 09113842 ____A C:\Users\Drenalim\Downloads\fairy_tail_248.zip 2013-05-28 11:55 - 2013-05-28 11:54 - 08964381 ____A C:\Users\Drenalim\Downloads\fairy_tail_247.zip 2013-05-28 11:55 - 2013-05-28 11:54 - 08953074 ____A C:\Users\Drenalim\Downloads\fairy_tail_249.zip 2013-05-28 11:55 - 2013-05-28 11:54 - 06769384 ____A C:\Users\Drenalim\Downloads\fairy_tail_250.zip ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 
is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-24 15:44 ==================== End Of Log ============================ --- --- --- The Snap tabs still open every time the browser starts. Greetz |
27.06.2013, 16:12 | #10 |
/// the machine /// TB-Ausbilder | Remove Snap.do (Win 7 64 Bit) Fix with FRST Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate}
CHR RestoreOnStartup: "https://www.google.com/", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate}", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013"
Still?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.06.2013, 18:02 | #11 |
| Remove Snap.do (Win 7 64 Bit) Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-06-2013 01
Ran by Drenalim at 2013-06-27 19:02:05 Run:1
Running from C:\Users\Drenalim\Desktop
Boot Mode: Normal
==============================================
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate} ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "https://www.google.com/", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate}", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013" ==> The Chrome "Settings" can be used to fix the entry.
==== End of Fixlog ====
Regards |
27.06.2013, 19:28 | #12 |
/// the machine /// TB-Ausbilder | Remove Snap.do (Win 7 64 Bit) A fresh FRST log, please. In which browser?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
01.07.2013, 11:30 | #13 |
| Remove Snap.do (Win 7 64 Bit) In Google Chrome. FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2013 01 (ATTENTION: FRST version is 6 days old) Ran by Drenalim (administrator) on 01-07-2013 12:28:07 Running from C:\Users\Drenalim\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe (Apple Inc.) 
C:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Curse) C:\Users\Drenalim\AppData\Local\Apps\2.0\Q6YJXG66.M1X\NWW1HN9T.ZDN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6463592 2012-02-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P [1158248 2012-02-08] (Realtek Semiconductor) HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd) HKCU\...\Policies\system: [DisableRegistryTools] 0 HKCU\...\Policies\system: [DisableTaskMgr] 0 HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) 
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1376896 2012-03-01] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.) HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd) HKU\UpdatusUser\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [x] Startup: C:\Users\Drenalim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate} CHR RestoreOnStartup: "https://www.google.com/", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate={installDate}", 
"hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=671849f2-57e1-4930-8bb1-ee7a6496a329&searchtype=hp&installDate=24/06/2013" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Extension: (Google Docs) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR 
Extension: (Gmail) - C:\Users\Drenalim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-02-09] () ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-31] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-31] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-31] (Avira Operations GmbH & Co. 
KG) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-24] (DT Soft Ltd) S3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-27 13:00 - 2013-06-27 13:00 - 00000000 ____D C:\Users\Drenalim\Desktop\bc rich 2013-06-27 12:59 - 2013-06-27 12:59 - 00890988 ____A C:\Users\Drenalim\Downloads\SecurityCheck.exe 2013-06-27 12:59 - 2013-06-27 12:59 - 00890988 ____A C:\Users\Drenalim\Desktop\SecurityCheck.exe 2013-06-27 12:55 - 2013-06-27 12:55 - 02347384 ____A (ESET) C:\Users\Drenalim\Downloads\esetsmartinstaller_enu.exe 2013-06-27 12:55 - 2013-06-27 12:55 - 02347384 ____A (ESET) C:\Users\Drenalim\Desktop\esetsmartinstaller_enu.exe 2013-06-25 17:11 - 2013-06-25 17:17 - 00000000 ____D C:\JRT 2013-06-25 17:11 - 2013-06-25 17:11 - 00000000 ____D C:\Windows\ERUNT 2013-06-25 17:10 - 2013-06-25 17:10 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Drenalim\Downloads\JRT.exe 2013-06-25 17:10 - 2013-06-25 17:10 - 00545954 ____A (Oleg N. 
Scherbakov) C:\Users\Drenalim\Desktop\JRT.exe 2013-06-25 16:40 - 2013-06-25 16:40 - 00023153 ____A C:\ComboFix.txt 2013-06-25 16:35 - 2013-06-25 16:40 - 00000000 ____D C:\Qoobox 2013-06-25 16:35 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe 2013-06-25 16:35 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe 2013-06-25 16:35 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe 2013-06-25 16:35 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe 2013-06-25 16:34 - 2013-06-25 16:39 - 00000000 ____D C:\Windows\erdnt 2013-06-25 16:33 - 2013-06-25 16:33 - 05082330 ____R (Swearware) C:\Users\Drenalim\Desktop\ComboFix.exe 2013-06-25 16:33 - 2013-06-25 16:33 - 05082330 ____A (Swearware) C:\Users\Drenalim\Downloads\ComboFix.exe 2013-06-25 16:10 - 2013-06-25 16:10 - 00000000 ____D C:\FRST 2013-06-25 16:10 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Desktop\FRST64.exe 2013-06-25 16:09 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Downloads\FRST64.exe 2013-06-25 15:58 - 2013-06-25 15:59 - 00000920 ____A C:\AdwCleaner[S2].txt 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Downloads\gmer_2.1.19163.exe 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Desktop\gmer_2.1.19163.exe 2013-06-25 15:34 - 2013-06-25 15:34 - 00602112 ____A (OldTimer Tools) C:\Users\Drenalim\Desktop\OTL.exe 2013-06-25 15:26 - 2013-06-25 15:26 - 00002163 ____A C:\AdwCleaner[S1].txt 2013-06-25 15:25 - 2013-06-25 15:25 - 00648201 ____A C:\Users\Drenalim\Desktop\adwcleaner2303.exe 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\TuneUp Software 2013-06-24 
16:10 - 2013-06-24 16:10 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-06-24 16:09 - 2013-06-24 16:09 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-06-20 00:45 - 2013-06-20 00:46 - 40323433 ____A C:\Users\Drenalim\Downloads\QOTSA.zip 2013-06-20 00:20 - 2013-06-20 01:33 - 00000000 ____D C:\Users\Drenalim\Desktop\Queens of the Stoneage 2013-06-19 23:51 - 2013-06-19 23:53 - 00000000 ____D C:\Users\Drenalim\Desktop\Sony 2013-06-18 21:45 - 2013-06-18 21:45 - 00000000 ____D C:\Users\Drenalim\Downloads\Turkish_mixed 2013-06-18 20:45 - 2013-06-18 20:45 - 00000000 ____D C:\Users\Drenalim\Downloads\orhasesmok 2013-06-18 20:24 - 2013-06-18 21:16 - 225034551 ____A C:\Users\Drenalim\Downloads\Turkish_mixed.rar 2013-06-18 19:11 - 2013-06-18 19:11 - 00000000 ____D C:\Users\Drenalim\Desktop\items 2013-06-18 12:45 - 2013-06-18 12:45 - 00000000 ____D C:\Users\Drenalim\Downloads\xen01 2013-06-16 21:07 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-16 21:07 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-16 21:07 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-16 21:07 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-16 21:07 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-16 
21:07 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-16 21:07 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-16 21:07 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-16 20:51 - 2013-06-18 21:48 - 00000000 ____D C:\Users\Drenalim\Documents\Witcher 2 2013-06-16 20:51 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\AppData\Local\The Witcher 2 2013-06-16 20:47 - 2013-06-16 20:48 - 00624648 ____A C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch.zip 2013-06-16 17:34 - 2013-06-16 17:34 - 00617312 ____A (www.download-sponsor.de) C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch_NCDownloader.exe 2013-06-16 17:25 - 2013-06-16 17:25 - 00000201 ____A C:\Users\Drenalim\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url 2013-06-14 00:19 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-14 00:19 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-14 00:19 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-14 00:19 - 
2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-14 00:19 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-14 00:19 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-14 00:19 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-14 00:19 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-13 19:44 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-13 19:44 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-13 19:44 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-13 19:44 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-13 19:44 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-13 19:44 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-13 19:44 - 2013-05-13 
05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-13 19:44 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-13 19:44 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-13 19:44 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-13 19:44 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-13 19:44 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-13 19:44 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-13 19:44 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-13 19:44 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-13 19:44 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-13 19:44 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iTunes 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iPod 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files (x86)\iTunes ==================== One Month Modified Files and Folders ======= 2013-07-01 12:26 - 2009-07-14 06:45 - 00014800 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-01 12:26 - 2009-07-14 06:45 - 00014800 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-01 12:25 - 2009-07-14 19:58 - 00653928 ____A C:\Windows\System32\perfh007.dat 2013-07-01 
12:25 - 2009-07-14 19:58 - 00129800 ____A C:\Windows\System32\perfc007.dat 2013-07-01 12:25 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI 2013-07-01 12:19 - 2013-01-28 14:38 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-01 12:19 - 2013-01-28 14:37 - 00000000 ____D C:\Users\Drenalim\AppData\Local\Deployment 2013-07-01 12:18 - 2013-01-28 14:34 - 00000000 ____D C:\ProgramData\NVIDIA 2013-07-01 12:18 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-07-01 12:18 - 2009-07-14 06:51 - 00038077 ____A C:\Windows\setupact.log 2013-06-28 20:22 - 2013-01-28 14:21 - 01116905 ____A C:\Windows\WindowsUpdate.log 2013-06-28 20:21 - 2013-04-02 17:59 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\TS3Client 2013-06-28 19:53 - 2013-01-28 14:38 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-28 13:49 - 2013-02-16 14:35 - 00000000 ____D C:\Users\Drenalim\AppData\Local\TSVNCache 2013-06-28 13:49 - 2013-01-28 14:45 - 00102300 ____A C:\Windows\PFRO.log 2013-06-27 13:00 - 2013-06-27 13:00 - 00000000 ____D C:\Users\Drenalim\Desktop\bc rich 2013-06-27 12:59 - 2013-06-27 12:59 - 00890988 ____A C:\Users\Drenalim\Downloads\SecurityCheck.exe 2013-06-27 12:59 - 2013-06-27 12:59 - 00890988 ____A C:\Users\Drenalim\Desktop\SecurityCheck.exe 2013-06-27 12:55 - 2013-06-27 12:55 - 02347384 ____A (ESET) C:\Users\Drenalim\Downloads\esetsmartinstaller_enu.exe 2013-06-27 12:55 - 2013-06-27 12:55 - 02347384 ____A (ESET) C:\Users\Drenalim\Desktop\esetsmartinstaller_enu.exe 2013-06-27 12:54 - 2013-05-02 11:14 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys 2013-06-25 17:17 - 2013-06-25 17:11 - 00000000 ____D C:\JRT 2013-06-25 17:15 - 2013-01-28 14:37 - 00000000 ____D C:\Users\Drenalim\AppData\Local\Apps\2.0 2013-06-25 17:11 - 2013-06-25 17:11 - 00000000 ____D C:\Windows\ERUNT 2013-06-25 17:10 - 2013-06-25 17:10 - 00545954 ____A (Oleg N. 
Scherbakov) C:\Users\Drenalim\Downloads\JRT.exe 2013-06-25 17:10 - 2013-06-25 17:10 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Drenalim\Desktop\JRT.exe 2013-06-25 16:40 - 2013-06-25 16:40 - 00023153 ____A C:\ComboFix.txt 2013-06-25 16:40 - 2013-06-25 16:35 - 00000000 ____D C:\Qoobox 2013-06-25 16:40 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default 2013-06-25 16:39 - 2013-06-25 16:34 - 00000000 ____D C:\Windows\erdnt 2013-06-25 16:39 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini 2013-06-25 16:33 - 2013-06-25 16:33 - 05082330 ____R (Swearware) C:\Users\Drenalim\Desktop\ComboFix.exe 2013-06-25 16:33 - 2013-06-25 16:33 - 05082330 ____A (Swearware) C:\Users\Drenalim\Downloads\ComboFix.exe 2013-06-25 16:10 - 2013-06-25 16:10 - 00000000 ____D C:\FRST 2013-06-25 16:09 - 2013-06-25 16:10 - 01931854 ____A (Farbar) C:\Users\Drenalim\Desktop\FRST64.exe 2013-06-25 16:09 - 2013-06-25 16:09 - 01931854 ____A (Farbar) C:\Users\Drenalim\Downloads\FRST64.exe 2013-06-25 15:59 - 2013-06-25 15:58 - 00000920 ____A C:\AdwCleaner[S2].txt 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Downloads\gmer_2.1.19163.exe 2013-06-25 15:41 - 2013-06-25 15:41 - 00377856 ____A C:\Users\Drenalim\Desktop\gmer_2.1.19163.exe 2013-06-25 15:34 - 2013-06-25 15:34 - 00602112 ____A (OldTimer Tools) C:\Users\Drenalim\Desktop\OTL.exe 2013-06-25 15:26 - 2013-06-25 15:26 - 00002163 ____A C:\AdwCleaner[S1].txt 2013-06-25 15:25 - 2013-06-25 15:25 - 00648201 ____A C:\Users\Drenalim\Desktop\adwcleaner2303.exe 2013-06-25 15:17 - 2013-03-19 17:51 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\Notepad++ 2013-06-25 15:17 - 2013-03-19 17:51 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\Users\Drenalim\AppData\Roaming\TuneUp Software 2013-06-24 16:10 - 2013-06-24 16:10 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-06-24 16:09 - 2013-06-24 16:09 - 00283200 ____A (DT Soft Ltd) 
C:\Windows\System32\Drivers\dtsoftbus01.sys 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-06-24 16:09 - 2013-06-24 16:09 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-06-20 01:33 - 2013-06-20 00:20 - 00000000 ____D C:\Users\Drenalim\Desktop\Queens of the Stoneage 2013-06-20 00:46 - 2013-06-20 00:45 - 40323433 ____A C:\Users\Drenalim\Downloads\QOTSA.zip 2013-06-19 23:53 - 2013-06-19 23:51 - 00000000 ____D C:\Users\Drenalim\Desktop\Sony 2013-06-18 21:48 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\Documents\Witcher 2 2013-06-18 21:45 - 2013-06-18 21:45 - 00000000 ____D C:\Users\Drenalim\Downloads\Turkish_mixed 2013-06-18 21:16 - 2013-06-18 20:24 - 225034551 ____A C:\Users\Drenalim\Downloads\Turkish_mixed.rar 2013-06-18 20:45 - 2013-06-18 20:45 - 00000000 ____D C:\Users\Drenalim\Downloads\orhasesmok 2013-06-18 19:11 - 2013-06-18 19:11 - 00000000 ____D C:\Users\Drenalim\Desktop\items 2013-06-18 12:45 - 2013-06-18 12:45 - 00000000 ____D C:\Users\Drenalim\Downloads\xen01 2013-06-16 20:51 - 2013-06-16 20:51 - 00000000 ____D C:\Users\Drenalim\AppData\Local\The Witcher 2 2013-06-16 20:51 - 2013-02-09 13:42 - 00102484 ____A C:\Windows\DirectX.log 2013-06-16 20:48 - 2013-06-16 20:47 - 00624648 ____A C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch.zip 2013-06-16 18:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-06-16 17:34 - 2013-06-16 17:34 - 00617312 ____A (www.download-sponsor.de) C:\Users\Drenalim\Downloads\W2_Triss_Nude_Patch_NCDownloader.exe 2013-06-16 17:25 - 2013-06-16 17:25 - 00000201 ____A C:\Users\Drenalim\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url 2013-06-14 00:20 - 2013-02-06 14:01 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iTunes 2013-06-10 
15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files\iPod 2013-06-10 15:41 - 2013-06-10 15:41 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-08 16:08 - 2013-06-16 21:07 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-08 16:07 - 2013-06-16 21:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-08 16:06 - 2013-06-16 21:07 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-08 14:28 - 2013-06-16 21:07 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-08 13:42 - 2013-06-16 21:07 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-08 13:40 - 2013-06-16 21:07 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-08 13:13 - 2013-06-16 21:07 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-05 17:37 - 2013-05-20 23:07 - 00000000 ____D C:\Users\Drenalim\Downloads\fairy tail ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit 
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-24 15:44
==================== End Of Log ============================
Regards |
01.07.2013, 12:58 | #14 |
/// the machine /// TB Trainer | Remove Snap.do (Win 7 64 Bit)
Uninstall Chrome, keep no data, reinstall. Better?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
01.07.2013, 19:25 | #15 |
| Remove Snap.do (Win 7 64 Bit)
So simple and yet so effective. At least for now there are no more problems (I will keep an eye on it for another 1-2 days and then report back again). I don't know whether this belongs here, but after uninstalling Chrome a hidden file with the following content suddenly appeared on my desktop: Code:
[LocalizedFileNames]
Internet Explorer.lnk=@%windir%\System32\ie4uinit.exe,-734
At this point, many thanks already for your persistence and help. Regards |