|
Log-Analyse und Auswertung: Windows 7 64bit: PC langsam und 50000 .tmp DateinWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
24.09.2013, 16:25 | #1 |
| Windows 7 64bit: PC langsam und 50000 .tmp Datein Hallo zusammen, mein PC ist in letzter Zeit sehr langsam geworden und so habe ich heute beschlossen einfach mal ein wenig aufzuräumen. Alles schön und gut, nun geht er gefühlt auch wieder flüssiger aber ich möchte einfach vorbeugend hier mal nachschauen lassen ob etwas ungewöhnlich ist, da ich beim aufräumen in meinem Eigene Bilder Ordner auf rund 50000 .tmp Datein gestoßen bin die 0 byte groß waren. Habe einfach alle gelöscht und bisher ist auch nichts neues da. Habe auch vorher schon Malewarebytes durchlaufen lassen und die funde gelöscht, Log ist mit dabei. FRST Log Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013 Ran by ***** (administrator) on *****-PC on 24-09-2013 16:38:48 Running from C:\Users\*****\Sicherheit Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe () C:\Windows\SysWOW64\XSrvSetup.exe ( ) C:\Windows\system32\lxcccoms.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe () C:\Program Files (x86)\XSManager\WTGService.exe (Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [2342800 2009-05-21] (Microsoft Corporation) HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation) HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor) MountPoints2: {c48b0436-419b-11e0-a6b2-1c6f6582f198} - J:\autorun.exe MountPoints2: {d525353d-140b-11e0-b1b7-1c6f6582f198} - G:\autorun.exe MountPoints2: {e2e74cab-2069-11e2-a9db-1c6f6582f198} - I:\autorun.exe HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.) HKU\Administrator\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [221184 2005-02-17] (InstallShield Software Corporation) HKU\Administrator\...\Run: [Google Update] - C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-29] (Google Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.searchcompletion.com?si=10195&bs=true&q= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3B13C14D8C9ECD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.searchcompletion.com?si=10195&home=true HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q= HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.searchcompletion.com?si=10195&bs=true&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.searchcompletion.com?si=10195&bs=true&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.searchcompletion.com?si=10195&home=true HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.searchcompletion.com?si=10195&bs=true&q= SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms} SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=06d5fd690000000000001c6f6582f198 SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms} BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\user.js FF SelectedSearchEngine: Delta Search FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: DownloadHelper - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} Chrome: ======= CHR RestoreOnStartup: "hxxp://www.google.de/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Google Update) - C:\Users\J\u00F6rg\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (Wetter von wetter.com) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgapkfcninhaogfjjoohaleiclbhjmnp\1.21_0 CHR Extension: (YouTube) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Adblock Plus) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0 CHR Extension: (Google Search) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx ==================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] () S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2003-04-18] () R2 lxcc_device; C:\Windows\system32\lxcccoms.exe [566704 2007-03-26] ( ) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation) R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] () S2 XS Stick Service; C:\Windows\service4g.exe [x] S2 Yontoo Desktop Updater; "C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\*****\AppData\Roaming\Yontoo\YontooDesktop.exe" ==================== Drivers (Whitelisted) ==================== S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices) S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices) R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] (Advanced Micro Devices) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-12-30] () S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2011-02-26] (Mobile Connector) S3 DVBUSB_0064_Sevice; C:\Windows\System32\DRIVERS\usb_0064.sys [170016 2008-04-08] () S3 gdrv; C:\Windows\gdrv.sys [25640 2011-01-16] (Windows (R) Server 2003 DDK provider) S3 gdrv; C:\Windows\gdrv.sys [25640 2011-01-16] (Windows (R) Server 2003 DDK provider) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-16] () S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-16] () S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-12-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10693120 2007-10-16] (Sonix Co. Ltd.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-04-08] (Duplex Secure Ltd.) S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15104 2012-10-15] (Headsoft) S3 ALSysIO; \??\C:\Users\JRG~1\AppData\Local\Temp\ALSysIO64.sys [x] S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [x] S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013\WNt500x64\Sandra.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-24 16:38 - 2013-09-24 16:38 - 00000000 ____D C:\FRST 2013-09-24 16:35 - 2013-09-24 16:35 - 00000020 _____ C:\Users\*****\defogger_reenable 2013-09-24 16:13 - 2013-09-24 16:36 - 00000112 _____ C:\Windows\setupact.log 2013-09-24 16:13 - 2013-09-24 16:13 - 00003722 _____ C:\Windows\PFRO.log 2013-09-24 16:13 - 2013-09-24 16:13 - 00000000 _____ C:\Windows\setuperr.log 2013-09-24 15:48 - 2013-09-24 16:36 - 00026402 _____ C:\Windows\WindowsUpdate.log 2013-09-24 15:42 - 2013-09-24 15:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-09-24 15:41 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2013-09-24 15:41 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2013-09-24 15:41 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2013-09-24 15:41 - 2013-03-29 17:10 - 00449481 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2013-09-24 15:41 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2013-09-24 15:41 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2013-09-24 15:41 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-09-24 15:41 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2013-09-24 15:41 - 2013-03-25 17:32 - 03180264 _____ C:\Windows\system32\Drivers\rtvienna.dat 2013-09-24 15:41 - 2013-03-20 13:17 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2013-09-24 15:41 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2013-09-24 15:41 - 2013-03-20 13:16 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2013-09-24 15:41 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2013-09-24 15:41 - 2013-03-15 19:34 - 04957976 _____ (A-volute) C:\Windows\system32\RTKSMlfx.dll 2013-09-24 15:41 - 2013-03-15 19:33 - 00887640 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll 2013-09-24 15:41 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2013-09-24 15:41 - 2013-03-08 12:51 - 00904752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2013-09-24 15:41 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2013-09-24 15:41 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2013-09-24 15:41 - 2013-02-27 05:37 - 00823072 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2013-09-24 15:41 - 2013-02-27 05:37 - 00633632 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll 2013-09-24 15:41 - 2013-02-27 05:37 - 00517408 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll 2013-09-24 15:41 - 2013-02-27 05:37 - 00213792 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2013-09-24 15:41 - 2013-02-21 17:26 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2013-09-24 15:41 - 2013-02-21 17:26 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2013-09-24 15:41 - 2013-02-21 17:25 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2013-09-24 15:41 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2013-09-24 15:41 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2013-09-24 15:41 - 2013-01-17 19:32 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2013-09-24 15:41 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2013-09-24 15:41 - 2012-09-10 20:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2013-09-24 15:41 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2013-09-24 15:41 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2013-09-24 15:41 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2013-09-24 15:41 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2013-09-24 15:41 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2013-09-24 15:41 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2013-09-24 15:41 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2013-09-24 15:41 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2013-09-24 15:41 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2013-09-24 15:41 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2013-09-24 15:41 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2013-09-24 15:41 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2013-09-24 15:41 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2013-09-24 15:41 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2013-09-24 15:41 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2013-09-24 15:41 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2013-09-24 15:41 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2013-09-24 15:41 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2013-09-24 15:41 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2013-09-24 15:41 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2013-09-24 15:41 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2013-09-24 15:41 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2013-09-24 15:40 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2013-09-24 15:40 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2013-09-24 15:40 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2013-09-24 15:40 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2013-09-24 15:40 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2013-09-24 15:40 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-09-24 15:40 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2013-09-24 15:40 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2013-09-24 15:34 - 2013-08-27 14:08 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2013-09-24 15:34 - 2013-08-27 14:08 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2013-09-24 15:34 - 2013-08-27 14:08 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2013-09-24 15:32 - 2013-09-24 15:32 - 00000000 ____D C:\ProgramData\ATI 2013-09-24 15:31 - 2013-09-24 15:31 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309241531329455.log 2013-09-24 15:31 - 2013-09-24 15:31 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-09-24 15:18 - 2013-09-24 15:24 - 00000000 ____D C:\ProgramData\Package Cache 2013-09-24 15:11 - 2012-08-28 14:27 - 00058536 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys 2013-09-24 14:57 - 2013-09-24 14:57 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-24 14:57 - 2013-09-24 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-24 14:56 - 2013-09-24 14:56 - 00281896 _____ (Mozilla) C:\Users\*****\Downloads\Firefox Setup Stub 24.0.exe 2013-09-24 14:55 - 2013-09-24 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\Win7codecs 2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Program Files (x86)\FinalWire 2013-09-24 14:34 - 2013-09-24 14:35 - 15273288 _____ (FinalWire Ltd. ) C:\Users\*****\Downloads\aida64extreme320.exe 2013-09-20 17:36 - 2013-09-22 14:17 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-09-13 21:05 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-13 21:05 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-13 21:05 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-13 21:05 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-13 21:05 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-13 21:05 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-13 21:05 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-13 21:05 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-13 21:05 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-13 21:05 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-13 21:05 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-13 21:05 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-12 17:16 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-12 17:16 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-12 17:16 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-09-12 17:16 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2013-09-12 17:16 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-09-12 17:16 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2013-09-12 17:16 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-12 17:16 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2013-09-12 17:16 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-12 17:16 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-12 17:16 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-12 17:16 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-12 17:16 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-09-12 17:16 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-09-12 17:16 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-12 17:16 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-09-12 17:16 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-12 17:16 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-12 17:16 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-12 17:16 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-12 17:16 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 17:16 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-12 17:16 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-12 17:16 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-12 17:16 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-10 18:28 - 2013-09-20 14:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-09-10 17:46 - 2013-09-13 21:05 - 00000000 ____D C:\Windows\system32\MRT 2013-08-31 02:14 - 2013-08-31 02:14 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 08215992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2013-08-31 02:11 - 2013-08-31 02:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2013-08-31 01:48 - 2013-08-31 01:48 - 00229376 _____ C:\Windows\system32\clinfo.exe 2013-08-31 01:48 - 2013-08-31 01:48 - 00127488 _____ (AMD) C:\Windows\system32\coinst_13.152.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2013-08-31 01:45 - 2013-08-31 01:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2013-08-31 01:43 - 2013-08-31 01:43 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2013-08-31 01:43 - 2013-08-31 01:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-08-31 01:35 - 2013-08-31 01:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\SysWOW64\atiapfxx.blb 2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\system32\atiapfxx.blb 2013-08-31 01:18 - 2013-08-31 01:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe 2013-08-31 01:18 - 2013-08-31 01:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2013-08-31 01:17 - 2013-08-31 01:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2013-08-31 01:14 - 2013-08-31 01:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2013-08-31 01:13 - 2013-08-31 01:13 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2013-08-31 01:04 - 2013-08-31 01:04 - 03388672 _____ C:\Windows\system32\atiumd6a.cap 2013-08-31 00:59 - 2013-08-31 00:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2013-08-31 00:58 - 2013-08-31 00:58 - 00571904 _____ (AMD) C:\Windows\system32\atieclxx.exe 2013-08-31 00:58 - 2013-08-31 00:58 - 00026112 _____ (AMD) C:\Windows\system32\atimuixx.dll 2013-08-31 00:57 - 2013-08-31 00:57 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2013-08-31 00:56 - 2013-08-31 00:56 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll 2013-08-31 00:50 - 2013-08-31 00:50 - 03422720 _____ C:\Windows\SysWOW64\atiumdva.cap 2013-08-31 00:33 - 2013-08-31 00:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2013-08-31 00:33 - 2013-08-31 00:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2013-08-31 00:33 - 2013-08-31 00:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2013-08-31 00:32 - 2013-08-31 00:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2013-08-30 19:58 - 2013-08-30 19:58 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll 2013-08-30 19:53 - 2013-08-30 19:53 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll 2013-08-27 21:06 - 2013-08-27 21:06 - 00233652 _____ C:\Windows\system32\ativvaxy_cik.dat 2013-08-27 19:27 - 2013-08-27 19:27 - 00082336 _____ C:\Windows\system32\ativce02.dat 2013-08-26 12:06 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-26 12:06 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-26 12:06 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-26 12:06 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-26 12:06 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-26 12:06 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-26 12:06 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-26 12:06 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-26 12:06 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-26 12:06 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-26 12:05 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-26 12:05 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-26 12:05 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-26 12:05 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-26 12:05 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-26 12:05 - 2013-06-15 06:35 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2013-08-26 12:05 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-24 16:38 - 2013-09-24 16:38 - 00000000 ____D C:\FRST 2013-09-24 16:36 - 2013-09-24 16:13 - 00000112 _____ C:\Windows\setupact.log 2013-09-24 16:36 - 2013-09-24 15:48 - 00026402 _____ C:\Windows\WindowsUpdate.log 2013-09-24 16:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-24 16:35 - 2013-09-24 16:35 - 00000020 _____ C:\Users\*****\defogger_reenable 2013-09-24 16:35 - 2012-01-22 19:07 - 00000000 ___RD C:\Users\*****\Sicherheit 2013-09-24 16:35 - 2010-12-29 16:22 - 00000000 ____D C:\Users\***** 2013-09-24 16:28 - 2012-09-29 22:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-24 16:20 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-24 16:20 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-24 16:13 - 2013-09-24 16:13 - 00003722 _____ C:\Windows\PFRO.log 2013-09-24 16:13 - 2013-09-24 16:13 - 00000000 _____ C:\Windows\setuperr.log 2013-09-24 16:11 - 2012-09-29 16:41 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000UA.job 2013-09-24 16:04 - 2011-02-27 18:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-24 16:02 - 2013-02-10 11:39 - 00096256 ___SH C:\Users\*****\Thumbs.db 2013-09-24 15:48 - 2011-03-01 12:46 - 00000000 ____D C:\Windows\Minidump 2013-09-24 15:43 - 2013-09-24 15:42 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-09-24 15:39 - 2010-12-29 16:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-24 15:36 - 2010-12-29 16:44 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-09-24 15:32 - 2013-09-24 15:32 - 00000000 ____D C:\ProgramData\ATI 2013-09-24 15:31 - 2013-09-24 15:31 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309241531329455.log 2013-09-24 15:31 - 2013-09-24 15:31 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-09-24 15:31 - 2012-11-11 11:32 - 00000000 ____D C:\ProgramData\AMD 2013-09-24 15:30 - 2010-12-29 16:33 - 00000000 ____D C:\Program Files\ATI Technologies 2013-09-24 15:24 - 2013-09-24 15:18 - 00000000 ____D C:\ProgramData\Package Cache 2013-09-24 15:22 - 2011-02-27 17:47 - 01584728 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-24 15:22 - 2009-07-14 19:58 - 00698986 _____ C:\Windows\system32\perfh007.dat 2013-09-24 15:22 - 2009-07-14 19:58 - 00149126 _____ C:\Windows\system32\perfc007.dat 2013-09-24 15:22 - 2009-07-14 07:13 - 01639746 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-24 14:57 - 2013-09-24 14:57 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-24 14:57 - 2013-09-24 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-24 14:57 - 2012-12-09 14:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-24 14:56 - 2013-09-24 14:56 - 00281896 _____ (Mozilla) C:\Users\*****\Downloads\Firefox Setup Stub 24.0.exe 2013-09-24 14:55 - 2013-09-24 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\Win7codecs 2013-09-24 14:55 - 2010-12-30 13:53 - 00000000 ____D C:\ProgramData\Win7codecs 2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Program Files (x86)\FinalWire 2013-09-24 14:35 - 2013-09-24 14:34 - 15273288 _____ (FinalWire Ltd. ) C:\Users\*****\Downloads\aida64extreme320.exe 2013-09-24 14:11 - 2012-09-29 16:41 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000Core.job 2013-09-24 13:59 - 2012-03-04 19:04 - 00000000 ____D C:\Users\*****\AppData\Roaming\GHISLER 2013-09-24 13:58 - 2012-02-10 11:52 - 00000000 ____D C:\Users\*****\AppData\Local\Samsung 2013-09-24 13:58 - 2012-02-09 13:50 - 00000000 ____D C:\ProgramData\Samsung 2013-09-24 13:55 - 2012-01-22 17:14 - 00000000 ____D C:\Program Files (x86)\Polar 2013-09-24 13:54 - 2013-01-01 17:17 - 00000000 ____D C:\ProgramData\BlueStacks 2013-09-24 13:54 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2013-09-24 13:51 - 2012-04-06 09:48 - 00000000 ____D C:\Users\*****\AppData\Local\Thunderbird 2013-09-24 13:44 - 2011-11-27 16:31 - 00000000 ____D C:\Program Files (x86)\JDownloader 2013-09-24 13:42 - 2012-05-16 11:39 - 00000000 ____D C:\Users\*****\AppData\Roaming\uTorrent 2013-09-22 14:17 - 2013-09-20 17:36 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-09-20 16:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-20 14:28 - 2013-09-10 18:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-09-20 14:28 - 2012-09-29 22:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 14:28 - 2012-09-29 22:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 14:28 - 2011-11-18 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-13 21:28 - 2010-12-29 16:23 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-13 21:28 - 2010-12-29 16:23 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-13 21:28 - 2009-07-14 06:45 - 00340120 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-13 21:05 - 2013-09-10 17:46 - 00000000 ____D C:\Windows\system32\MRT 2013-09-13 21:02 - 2011-03-06 11:34 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-13 21:02 - 2011-01-09 16:49 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-11 16:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-31 02:14 - 2013-08-31 02:14 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2013-08-31 02:14 - 2010-11-26 04:16 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 08215992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2013-08-31 02:13 - 2010-11-26 04:57 - 01233080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2013-08-31 02:13 - 2010-11-26 04:40 - 09464840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2013-08-31 02:11 - 2013-08-31 02:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2013-08-31 01:48 - 2013-08-31 01:48 - 00229376 _____ C:\Windows\system32\clinfo.exe 2013-08-31 01:48 - 2013-08-31 01:48 - 00127488 _____ (AMD) C:\Windows\system32\coinst_13.152.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2013-08-31 01:45 - 2013-08-31 01:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2013-08-31 01:43 - 2013-08-31 01:43 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2013-08-31 01:43 - 2013-08-31 01:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-08-31 01:35 - 2013-08-31 01:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\SysWOW64\atiapfxx.blb 2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\system32\atiapfxx.blb 2013-08-31 01:18 - 2013-08-31 01:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe 2013-08-31 01:18 - 2013-08-31 01:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2013-08-31 01:17 - 2013-08-31 01:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2013-08-31 01:14 - 2013-08-31 01:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2013-08-31 01:13 - 2013-08-31 01:13 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2013-08-31 01:04 - 2013-08-31 01:04 - 03388672 _____ C:\Windows\system32\atiumd6a.cap 2013-08-31 00:59 - 2013-08-31 00:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2013-08-31 00:58 - 2013-08-31 00:58 - 00571904 _____ (AMD) C:\Windows\system32\atieclxx.exe 2013-08-31 00:58 - 2013-08-31 00:58 - 00026112 _____ (AMD) C:\Windows\system32\atimuixx.dll 2013-08-31 00:57 - 2013-08-31 00:57 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2013-08-31 00:56 - 2013-08-31 00:56 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll 2013-08-31 00:50 - 2013-08-31 00:50 - 03422720 _____ C:\Windows\SysWOW64\atiumdva.cap 2013-08-31 00:33 - 2013-08-31 00:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2013-08-31 00:33 - 2013-08-31 00:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2013-08-31 00:33 - 2013-08-31 00:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2013-08-31 00:32 - 2013-08-31 00:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2013-08-30 19:58 - 2013-08-30 19:58 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll 2013-08-30 19:53 - 2013-08-30 19:53 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll 2013-08-27 21:06 - 2013-08-27 21:06 - 00233652 _____ C:\Windows\system32\ativvaxy_cik.dat 2013-08-27 19:27 - 2013-08-27 19:27 - 00082336 _____ C:\Windows\system32\ativce02.dat 2013-08-27 14:08 - 2013-09-24 15:34 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2013-08-27 14:08 - 2013-09-24 15:34 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2013-08-27 14:08 - 2013-09-24 15:34 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2013-08-26 11:58 - 2011-01-14 19:06 - 00000000 ____D C:\Program Files\Lx_cats Some content of TEMP: ==================== C:\Users\*****\AppData\Local\Temp\SpotifyUninstall.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-21 12:56 ==================== End Of Log ============================ Addition Log Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2013 Ran by ***** at 2013-09-24 16:40:28 Running from C:\Users\*****\Sicherheit Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04) AGEIA PhysX v7.07.24 (x32 Version: 7.07.24) AIDA64 Extreme Edition v3.20 (x32 Version: 3.20) Alt.Binz 0.39.4 (x32 Version: 0.39.4) AMD Accelerated Video Transcoding (Version: 13.15.100.30830) AMD APP SDK Runtime (Version: 10.0.1084.4) AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589) AMD Catalyst Install Manager (Version: 8.0.915.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Fuel (Version: 2013.0830.1944.33589) AMD Media Foundation Decoders (Version: 1.0.80830.1925) Amnesia - The Dark Descent (x32 Version: 1.0.0) Assassin's Creed (x32 Version: 1.00) ATI AVIVO64 Codecs (Version: 11.6.0.51125) ATI Problem Report Wizard (Version: 3.0.804.0) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.7) Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6) Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32) Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7) Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589) Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589) Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589) CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589) CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589) CCC Help Czech (x32 Version: 2013.0830.1943.33589) CCC Help Danish (x32 Version: 2013.0830.1943.33589) CCC Help Dutch (x32 Version: 2013.0830.1943.33589) CCC Help English (x32 Version: 2013.0830.1943.33589) CCC Help Finnish (x32 Version: 2013.0830.1943.33589) CCC Help French (x32 Version: 2013.0830.1943.33589) CCC Help German (x32 Version: 2013.0830.1943.33589) CCC Help Greek (x32 Version: 2013.0830.1943.33589) CCC Help Hungarian (x32 Version: 2013.0830.1943.33589) CCC Help Italian (x32 Version: 2013.0830.1943.33589) CCC Help Japanese (x32 Version: 2013.0830.1943.33589) CCC Help Korean (x32 Version: 2013.0830.1943.33589) CCC Help Norwegian (x32 Version: 2013.0830.1943.33589) CCC Help Polish (x32 Version: 2013.0830.1943.33589) CCC Help Portuguese (x32 Version: 2013.0830.1943.33589) CCC Help Russian (x32 Version: 2013.0830.1943.33589) CCC Help Spanish (x32 Version: 2013.0830.1943.33589) CCC Help Swedish (x32 Version: 2013.0830.1943.33589) CCC Help Thai (x32 Version: 2013.0830.1943.33589) CCC Help Turkish (x32 Version: 2013.0830.1943.33589) ccc-utility64 (Version: 2013.0830.1944.33589) CCleaner (Version: 3.03) CDBurnerXP (x32 Version: 4.4.1.3099) Cinergy S USB V1.04.02.04 (x32 Version: 1.04.02.04) Cold War Crisis Release 1.5 (x32 Version: Release 1.5) Command & Conquer Generals (x32 Version: 0.50.0000) Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000) Counter-Strike 1.6 DiGiTALZONE (x32) Crazy Machines II (x32 Version: 1.00) Crysis WARHEAD(R) (x32 Version: 1.0) Crysis WARHEAD(R) (x32) Crysis(R) (x32 Version: 1.20.0000) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Defraggler (Version: 2.02) DIE SIEDLER - Das Erbe der Könige - Gold Edition (x32 Version: 1.00.0000) Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000) Epson Easy Photo Print 2 (x32 Version: 2.2.4.0) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000) EPSON Scan (x32) EPSON SX130 Series Printer Uninstall FIFA 13 (x32 Version: 1.5.0.0) Gigabyte Raid Configurer (x32 Version: 1.00.0001) Google Chrome (HKCU Version: 29.0.1547.76) Hama Webcam AC-150 (x32 Version: Hama Webcam AC-150) HijackThis 2.0.2 (x32 Version: 2.0.2) ImgBurn (x32 Version: 2.5.6.0) IrfanView (remove only) (x32 Version: 4.32) Java Auto Updater (x32 Version: 2.0.7.1) Java(TM) 6 Update 35 (x32 Version: 6.0.350) Lexmark 3300 Series Lexmark Fax-Lösungen Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft IntelliType Pro 7.0 (Version: 7.0.260.0) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Security Client (Version: 4.3.0215.0) Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0) Microsoft Security Essentials (Version: 4.3.215.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727) Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0) mIRC (x32 Version: 7.22) Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0) Mozilla Maintenance Service (x32 Version: 24.0) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0) ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001) PlanetSide 2 (2) (HKCU Version: 1.0.3.183) PlanetSide 2 PSG (HKCU Version: 1.0.3.183) Pro Evolution Soccer 2013 (x32 Version: 1.00.0000) Realtek Ethernet Controller Driver (x32 Version: 7.75.827.2013) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873) S.T.A.L.K.E.R. - Clear Sky (x32 Version: 1.0001) SAMSUNG USB Driver for Mobile Phones (Version: 1.4.103.0) Skispringen 2007 (x32) Sniper - Art of Victory (x32) SopCast 3.5.0 (x32 Version: 3.5.0) StarCraft II (x32 Version: 1.0.0.16117) TeamSpeak 3 Client (x32 Version: 3.0.6) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) VLC media player 2.0.0 (x32 Version: 2.0.0) Win7codecs (x32 Version: 2.7.1) Windows Mobile-Gerätecenter (Version: 6.1.6965.0) WinRAR 4.01 (64-Bit) (Version: 4.01.0) XSManager (x32 Version: 3.0) ==================== Restore Points ========================= 10-09-2013 18:21:33 Windows Update 12-09-2013 18:42:09 Windows Update 13-09-2013 18:47:00 Windows Update 18-09-2013 15:52:21 Windows Update 22-09-2013 11:40:28 Windows Update 24-09-2013 11:52:12 Removed Notification Center 24-09-2013 11:55:02 Removed Polar Daemon. 24-09-2013 11:55:24 Removed Polar WebSync. 24-09-2013 11:57:06 Removed Samsung Kies 24-09-2013 11:59:56 WER WIRD MILLIONÄR VIERTE EDITION wird entfernt 24-09-2013 12:55:41 SiSoftware Sandra Lite 24-09-2013 13:18:06 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 24-09-2013 13:24:38 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 24-09-2013 13:33:52 Entfernt Realtek Ethernet Controller Driver 24-09-2013 13:34:31 Installiert Realtek Ethernet Controller Driver ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {159AA9AD-6F40-4717-B1B5-527D1F778A9B} - System32\Tasks\{A752A1DF-7355-4BA8-8620-9550E8FFB555} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe [2007-11-11] (Crytek GmbH) Task: {5CD63A29-D66F-4D11-A6A1-F9F437C9714B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {5E62CEDF-C2DA-4731-9BDC-DC18BAA7BBCF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated) Task: {6431D238-BA4B-49B9-AE0A-93EF8D598317} - System32\Tasks\{24C69FE3-49D3-4297-B8F7-2CE8DEEBE81F} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe [2007-11-11] (Crytek GmbH) Task: {644E1B77-43A7-4173-B993-490427384072} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-05-21] (Microsoft Corporation) Task: {761A72C1-5FC9-4FCA-A439-2F6D389C37FA} - System32\Tasks\{6DE7DD77-671E-407C-8567-B9F93AD89618} => C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe [2013-03-05] (Sony Online Entertainment) Task: {A619AC91-90A1-4DBC-BFBF-C02945915525} - \DealPlyUpdate No Task File Task: {A95F15A7-58CA-4036-B222-F38024FFD8A8} - System32\Tasks\{5FCB2E70-3758-4377-9DDD-414BB2757FD4} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe [2007-11-11] (Crytek GmbH) Task: {C4F7C3DB-C4D1-4442-928D-0159EA612900} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29] (Google Inc.) Task: {F911B24B-02FD-4C18-AB78-90BEAF0BBE3B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-09-17 17:43 - 2009-08-24 10:10 - 00430592 _____ (SEIKO EPSON CORPORATION / CyCom Technology Corp.) C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll 2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm 2011-11-27 16:12 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2011-01-03 12:29 - 2011-01-03 12:29 - 00178800 _____ (Sony DADC Austria AG.) c:\windows\SysWOW64\cmdlineext_x64.dll 2013-08-30 19:46 - 2013-08-30 19:46 - 00037888 _____ (AMD) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.ImplementationNet4.dll 2013-08-30 19:47 - 2013-08-30 19:47 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2013-09-12 17:16 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-12 17:16 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll 2013-09-12 17:16 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll 2012-02-18 17:52 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll 2011-07-23 10:15 - 2010-11-20 14:08 - 00311296 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll 2011-07-23 10:15 - 2010-11-20 14:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll 2011-07-23 10:15 - 2010-11-20 14:18 - 00640512 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll 2009-07-14 01:11 - 2009-07-14 03:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2013-08-26 12:05 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll 2012-09-15 09:42 - 2012-06-02 06:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\syswow64\SspiCli.dll 2009-07-14 01:12 - 2009-07-14 03:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPTBASE.dll 2009-07-14 01:25 - 2009-07-14 03:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.dll 2011-07-23 10:15 - 2010-11-20 14:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll 2011-07-23 10:15 - 2010-11-20 14:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll 2011-07-23 10:15 - 2010-11-20 14:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll 2011-07-22 12:52 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\syswow64\CFGMGR32.dll 2011-10-14 19:51 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll 2011-07-23 10:15 - 2010-11-20 14:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll 2011-07-22 12:52 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\syswow64\DEVOBJ.dll 2013-09-12 17:16 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll 2009-07-14 01:28 - 2009-07-14 03:15 - 00828928 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll 2011-07-23 10:15 - 2010-11-20 14:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll 2013-08-26 12:06 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.dll 2013-08-26 12:06 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPT32.dll 2011-07-23 10:15 - 2010-11-20 14:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\syswow64\MSASN1.dll 2011-07-23 10:15 - 2010-11-20 14:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll 2009-07-14 01:12 - 2009-07-14 03:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll 2013-09-24 14:57 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2009-07-14 01:15 - 2009-07-14 03:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL 2009-07-14 01:44 - 2009-07-14 03:15 - 00522240 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL 2013-09-13 21:05 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll 2009-07-14 01:15 - 2009-07-14 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\syswow64\normaliz.DLL 2013-09-13 21:05 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll 2011-07-23 10:15 - 2010-11-20 14:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/24/2013 04:02:38 PM) (Source: Application Hang) (User: ) Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 694 Startzeit: 01ceb92c4e849e9b Endzeit: 31 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: efde515a-2521-11e3-8c78-1c6f6582f198 Error: (09/23/2013 09:11:15 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0x1310 Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0 Pfad der fehlerhaften Anwendung: PlanetSide2.exe1 Pfad des fehlerhaften Moduls: PlanetSide2.exe2 Berichtskennung: PlanetSide2.exe3 Error: (09/22/2013 08:32:01 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0x988 Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0 Pfad der fehlerhaften Anwendung: PlanetSide2.exe1 Pfad des fehlerhaften Moduls: PlanetSide2.exe2 Berichtskennung: PlanetSide2.exe3 Error: (09/22/2013 05:45:10 PM) (Source: BstHdAndroidSvc) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/22/2013 03:35:10 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0xc80 Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0 Pfad der fehlerhaften Anwendung: PlanetSide2.exe1 Pfad des fehlerhaften Moduls: PlanetSide2.exe2 Berichtskennung: PlanetSide2.exe3 Error: (09/22/2013 10:55:07 AM) (Source: BstHdAndroidSvc) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/21/2013 02:59:25 PM) (Source: BstHdAndroidSvc) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/21/2013 02:55:45 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0xdbc Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0 Pfad der fehlerhaften Anwendung: PlanetSide2.exe1 Pfad des fehlerhaften Moduls: PlanetSide2.exe2 Berichtskennung: PlanetSide2.exe3 Error: (09/21/2013 00:11:36 PM) (Source: BstHdAndroidSvc) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/20/2013 08:59:43 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0x1064 Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0 Pfad der fehlerhaften Anwendung: PlanetSide2.exe1 Pfad des fehlerhaften Moduls: PlanetSide2.exe2 Berichtskennung: PlanetSide2.exe3 System errors: ============= Error: (09/24/2013 04:15:01 PM) (Source: Service Control Manager) (User: ) Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/24/2013 03:57:05 PM) (Source: Service Control Manager) (User: ) Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/24/2013 03:07:32 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 24.09.2013 um 15:05:39 unerwartet heruntergefahren. Error: (09/24/2013 02:03:23 PM) (Source: Service Control Manager) (User: ) Description: Dienst "JMB36X" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/24/2013 02:03:16 PM) (Source: Service Control Manager) (User: ) Description: Dienst "XS Stick Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/24/2013 01:42:12 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Polar Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/24/2013 01:41:54 PM) (Source: Service Control Manager) (User: ) Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/22/2013 05:45:10 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (09/22/2013 05:44:44 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 22.09.2013 um 17:42:31 unerwartet heruntergefahren. Error: (09/22/2013 01:28:30 PM) (Source: Microsoft Antimalware) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.159.415.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.3.0215.00 Quellpfad: 4.3.0215.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Microsoft Office Sessions: ========================= Error: (09/24/2013 04:02:38 PM) (Source: Application Hang)(User: ) Description: Explorer.EXE6.1.7601.1751469401ceb92c4e849e9b31C:\Windows\Explorer.EXEefde515a-2521-11e3-8c78-1c6f6582f198 Error: (09/23/2013 09:11:15 PM) (Source: Application Error)(User: ) Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41f131001ceb8750a854127C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dllea33e047-2483-11e3-9de2-1c6f6582f198 Error: (09/22/2013 08:32:01 PM) (Source: Application Error)(User: ) Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41f98801ceb7ab3e439f7aC:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dll44fb1a2c-23b5-11e3-a097-1c6f6582f198 Error: (09/22/2013 05:45:10 PM) (Source: BstHdAndroidSvc)(User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/22/2013 03:35:10 PM) (Source: Application Error)(User: ) Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41fc8001ceb78c558f4044C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dllccc120e2-238b-11e3-aec1-1c6f6582f198 Error: (09/22/2013 10:55:07 AM) (Source: BstHdAndroidSvc)(User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/21/2013 02:59:25 PM) (Source: BstHdAndroidSvc)(User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/21/2013 02:55:45 PM) (Source: Application Error)(User: ) Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41fdbc01ceb6ba8beedc33C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dll207be4bb-22bd-11e3-8acb-1c6f6582f198 Error: (09/21/2013 00:11:36 PM) (Source: BstHdAndroidSvc)(User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/20/2013 08:59:43 PM) (Source: Application Error)(User: ) Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41f106401ceb630711e67b7C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dllcea7602c-2226-11e3-8aa2-1c6f6582f198 ==================== Memory info =========================== Percentage of memory in use: 36% Total physical RAM: 4093.55 MB Available physical RAM: 2618.32 MB Total Pagefile: 8185.29 MB Available Pagefile: 6532.53 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:365.66 GB) (Free:134.94 GB) NTFS Drive d: () (Fixed) (Total:100 GB) (Free:99.58 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 55DA9CB0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=366 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=100 GB) - (Type=07 NTFS) ==================== End Of Log ============================ GMER Log Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-09-24 16:55:53 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-001CA0 rev.15.01H15 465,76GB Running: gmer_2.1.19163.exe; Driver: C:\Users\JRG~1\AppData\Local\Temp\kxldypod.sys ---- Threads - GMER 2.1 ---- Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:1560] 0000000077823e85 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:2144] 0000000075507587 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:3212] 000000007277758a Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:3980] 0000000077822e65 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:964] 0000000077823e85 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:4780] 0000000077823e85 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xFF 0x7E 0x47 0xCE ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x5A 0xE7 0xB5 0xD5 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x05 0xFA 0x8D 0xC1 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x36 0x80 0xC3 0x2D ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x36 0x80 0xC3 0x2D ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xFF 0x7E 0x47 0xCE ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x5A 0xE7 0xB5 0xD5 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x05 0xFA 0x8D 0xC1 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x36 0x80 0xC3 0x2D ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x36 0x80 0xC3 0x2D ... ---- EOF - GMER 2.1 ---- Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.24.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 ***** :: *****-PC [Administrator] 24.09.2013 16:06:04 mbam-log-2013-09-24 (16-06-04).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 223236 Laufzeit: 5 Minute(n), 4 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 14 HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok (PUP.Optional.ATDheNetTVAp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 3 HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: 11111111 -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\DealPly|ChromeCrxPath (PUP.Optional.DealPly.A) -> Daten: C:\Program Files (x86)\DealPly\DealPly.crx -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: 11111111 -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=06d5fd690000000000001c6f6582f198) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 4 C:\Users\*****\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 9 C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\*****\Downloads\DTLite4461-0328.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Public\Downloads\DTLite4461-0328.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\*****\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
24.09.2013, 17:28 | #2 |
/// the machine /// TB-Ausbilder | Windows 7 64bit: PC langsam und 50000 .tmp Datein hi,
__________________Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
25.09.2013, 12:24 | #3 |
| Windows 7 64bit: PC langsam und 50000 .tmp Datein ADWCleaner Log
__________________Code:
ATTFilter # AdwCleaner v3.005 - Bericht erstellt am 25/09/2013 um 12:56:59 # Updated 22/09/2013 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzername : ***** - *****-PC # Gestartet von : C:\Users\*****\Sicherheit\adwcleaner\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : Yontoo Desktop Updater ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\Program Files (x86)\Gophoto.it Ordner Gelöscht : C:\Users\*****\AppData\Local\Babylon Ordner Gelöscht : C:\Users\*****\AppData\Local\PackageAware Ordner Gelöscht : C:\Users\*****\AppData\Local\PutLockerDownloader Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\jetpack Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\bProtector_extensions.rdf Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\searchplugins\delta.xml Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\searchplugins\Web Search.xml Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\user.js ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Schlüssel Gelöscht : HKCU\Software\5b08adce268ea48 Schlüssel Gelöscht : HKLM\SOFTWARE\5b08adce268ea48 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gelöscht : HKCU\Software\BI Schlüssel Gelöscht : HKLM\Software\Babylon Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\Software\SimplyGen Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer ***** [ Browser ] ***** -\\ Internet Explorer v10.0.9200.16686 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] -\\ Mozilla Firefox v24.0 (de) [ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\prefs.js ] Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search"); Zeile gelöscht : user_pref("browser.search.selectedEngine", "Delta Search"); Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true); Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119816&babsrc=NT_ss&mntrId=06d5fd690000000000001c6f6582f198"); Zeile gelöscht : user_pref("extensions.delta.admin", false); Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst"); Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false"); Zeile gelöscht : user_pref("extensions.delta.bbDpng", "25"); Zeile gelöscht : user_pref("extensions.delta.cntry", "DE"); Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en"); Zeile gelöscht : user_pref("extensions.delta.excTlbr", false); Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "F87317787A2762A8601D437A95E4FCC2"); Zeile gelöscht : user_pref("extensions.delta.id", "06d5fd690000000000001c6f6582f198"); Zeile gelöscht : user_pref("extensions.delta.instlDay", "15762"); Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst"); Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.10.021:41:36"); Zeile gelöscht : user_pref("extensions.delta.newTab", false); Zeile gelöscht : user_pref("extensions.delta.prdct", "delta"); Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta"); Zeile gelöscht : user_pref("extensions.delta.rvrt", "false"); Zeile gelöscht : user_pref("extensions.delta.sg", "azb"); Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base"); Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", ""); Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0"); Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.010:48:15"); Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0"); Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true); -\\ Google Chrome v [ Datei : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [9776 octets] - [25/09/2013 12:54:46] AdwCleaner[S0].txt - [8482 octets] - [25/09/2013 12:56:59] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8542 octets] ########## JRT Log Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.2 (09.22.2013:1) OS: Windows 7 Ultimate x64 Ran by ***** on 25.09.2013 at 13:04:03,49 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4071852959-998558986-2337029572-1000\Software\SweetIM Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Program Files (x86)\firstrowsportapp.com" ~~~ FireFox Emptied folder: C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\vz4gw313.default\minidumps [19 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 25.09.2013 at 13:08:16,83 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Log FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013 Ran by ***** (administrator) on *****-PC on 25-09-2013 13:11:31 Running from C:\Users\*****\Sicherheit\FRST64 Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe () C:\Windows\SysWOW64\XSrvSetup.exe ( ) C:\Windows\system32\lxcccoms.exe () C:\Program Files (x86)\XSManager\WTGService.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [2342800 2009-05-21] (Microsoft Corporation) HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor) MountPoints2: {c48b0436-419b-11e0-a6b2-1c6f6582f198} - J:\autorun.exe MountPoints2: {d525353d-140b-11e0-b1b7-1c6f6582f198} - G:\autorun.exe MountPoints2: {e2e74cab-2069-11e2-a9db-1c6f6582f198} - I:\autorun.exe HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.) HKU\Administrator\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [221184 2005-02-17] (InstallShield Software Corporation) HKU\Administrator\...\Run: [Google Update] - C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-29] (Google Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3B13C14D8C9ECD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: DownloadHelper - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} Chrome: ======= CHR RestoreOnStartup: "hxxp://www.google.de/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Google Update) - C:\Users\J\u00F6rg\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (Wetter von wetter.com) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgapkfcninhaogfjjoohaleiclbhjmnp\1.21_0 CHR Extension: (YouTube) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Adblock Plus) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0 CHR Extension: (Google Search) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] () S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2003-04-18] () R2 lxcc_device; C:\Windows\system32\lxcccoms.exe [566704 2007-03-26] ( ) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] () S2 XS Stick Service; C:\Windows\service4g.exe [x] ==================== Drivers (Whitelisted) ==================== S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices) S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices) R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] (Advanced Micro Devices) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-12-30] () S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2011-02-26] (Mobile Connector) S3 DVBUSB_0064_Sevice; C:\Windows\System32\DRIVERS\usb_0064.sys [170016 2008-04-08] () S3 gdrv; C:\Windows\gdrv.sys [25640 2011-01-16] (Windows (R) Server 2003 DDK provider) S3 gdrv; C:\Windows\gdrv.sys [25640 2011-01-16] (Windows (R) Server 2003 DDK provider) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-16] () S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-16] () S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-12-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10693120 2007-10-16] (Sonix Co. Ltd.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-04-08] (Duplex Secure Ltd.) S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15104 2012-10-15] (Headsoft) S3 ALSysIO; \??\C:\Users\JRG~1\AppData\Local\Temp\ALSysIO64.sys [x] S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [x] S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013\WNt500x64\Sandra.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-25 13:08 - 2013-09-25 13:08 - 00001532 _____ C:\Users\*****\Desktop\JRT.txt 2013-09-25 13:03 - 2013-09-25 13:03 - 00001443 _____ C:\Users\*****\Desktop\JRT.exe - Verknüpfung.lnk 2013-09-25 13:03 - 2013-09-25 13:03 - 00000000 ____D C:\Windows\ERUNT 2013-09-25 12:54 - 2013-09-25 12:57 - 00000000 ____D C:\AdwCleaner 2013-09-24 16:38 - 2013-09-24 16:38 - 00000000 ____D C:\FRST 2013-09-24 16:35 - 2013-09-24 16:35 - 00000020 _____ C:\Users\*****\defogger_reenable 2013-09-24 16:13 - 2013-09-25 12:59 - 00001008 _____ C:\Windows\setupact.log 2013-09-24 16:13 - 2013-09-24 16:13 - 00003722 _____ C:\Windows\PFRO.log 2013-09-24 16:13 - 2013-09-24 16:13 - 00000000 _____ C:\Windows\setuperr.log 2013-09-24 15:48 - 2013-09-25 12:58 - 00158771 _____ C:\Windows\WindowsUpdate.log 2013-09-24 15:42 - 2013-09-24 15:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-09-24 15:41 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2013-09-24 15:41 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2013-09-24 15:41 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2013-09-24 15:41 - 2013-03-29 17:10 - 00449481 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2013-09-24 15:41 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2013-09-24 15:41 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2013-09-24 15:41 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-09-24 15:41 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2013-09-24 15:41 - 2013-03-25 17:32 - 03180264 _____ C:\Windows\system32\Drivers\rtvienna.dat 2013-09-24 15:41 - 2013-03-20 13:17 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2013-09-24 15:41 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2013-09-24 15:41 - 2013-03-20 13:16 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2013-09-24 15:41 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2013-09-24 15:41 - 2013-03-15 19:34 - 04957976 _____ (A-volute) C:\Windows\system32\RTKSMlfx.dll 2013-09-24 15:41 - 2013-03-15 19:33 - 00887640 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll 2013-09-24 15:41 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2013-09-24 15:41 - 2013-03-08 12:51 - 00904752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2013-09-24 15:41 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2013-09-24 15:41 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2013-09-24 15:41 - 2013-02-27 05:37 - 00823072 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2013-09-24 15:41 - 2013-02-27 05:37 - 00633632 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll 2013-09-24 15:41 - 2013-02-27 05:37 - 00517408 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll 2013-09-24 15:41 - 2013-02-27 05:37 - 00213792 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2013-09-24 15:41 - 2013-02-21 17:26 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2013-09-24 15:41 - 2013-02-21 17:26 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2013-09-24 15:41 - 2013-02-21 17:25 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2013-09-24 15:41 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2013-09-24 15:41 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2013-09-24 15:41 - 2013-01-17 19:32 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2013-09-24 15:41 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2013-09-24 15:41 - 2012-09-10 20:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2013-09-24 15:41 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2013-09-24 15:41 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2013-09-24 15:41 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2013-09-24 15:41 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2013-09-24 15:41 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2013-09-24 15:41 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2013-09-24 15:41 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2013-09-24 15:41 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2013-09-24 15:41 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2013-09-24 15:41 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2013-09-24 15:41 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2013-09-24 15:41 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2013-09-24 15:41 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2013-09-24 15:41 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2013-09-24 15:41 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2013-09-24 15:41 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2013-09-24 15:41 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2013-09-24 15:41 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2013-09-24 15:41 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2013-09-24 15:41 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2013-09-24 15:41 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2013-09-24 15:41 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2013-09-24 15:41 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2013-09-24 15:40 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2013-09-24 15:40 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2013-09-24 15:40 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2013-09-24 15:40 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2013-09-24 15:40 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2013-09-24 15:40 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-09-24 15:40 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2013-09-24 15:40 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2013-09-24 15:40 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2013-09-24 15:34 - 2013-08-27 14:08 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2013-09-24 15:34 - 2013-08-27 14:08 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2013-09-24 15:34 - 2013-08-27 14:08 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2013-09-24 15:32 - 2013-09-24 15:32 - 00000000 ____D C:\ProgramData\ATI 2013-09-24 15:31 - 2013-09-24 15:31 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309241531329455.log 2013-09-24 15:31 - 2013-09-24 15:31 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-09-24 15:18 - 2013-09-24 15:24 - 00000000 ____D C:\ProgramData\Package Cache 2013-09-24 15:11 - 2012-08-28 14:27 - 00058536 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys 2013-09-24 14:57 - 2013-09-24 14:57 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-24 14:57 - 2013-09-24 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-24 14:56 - 2013-09-24 14:56 - 00281896 _____ (Mozilla) C:\Users\*****\Downloads\Firefox Setup Stub 24.0.exe 2013-09-24 14:55 - 2013-09-24 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\Win7codecs 2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Program Files (x86)\FinalWire 2013-09-24 14:34 - 2013-09-24 14:35 - 15273288 _____ (FinalWire Ltd. ) C:\Users\*****\Downloads\aida64extreme320.exe 2013-09-20 17:36 - 2013-09-22 14:17 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-09-13 21:05 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-13 21:05 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-13 21:05 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-13 21:05 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-13 21:05 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-13 21:05 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-13 21:05 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-13 21:05 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-13 21:05 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-13 21:05 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-13 21:05 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-13 21:05 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-13 21:05 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-13 21:05 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-12 17:16 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-12 17:16 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-12 17:16 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-09-12 17:16 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2013-09-12 17:16 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-09-12 17:16 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2013-09-12 17:16 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-12 17:16 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2013-09-12 17:16 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-12 17:16 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-12 17:16 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-12 17:16 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-12 17:16 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-09-12 17:16 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-09-12 17:16 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-12 17:16 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-09-12 17:16 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-12 17:16 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-12 17:16 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-12 17:16 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-12 17:16 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 17:16 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 17:16 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-12 17:16 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-12 17:16 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-12 17:16 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-10 18:28 - 2013-09-20 14:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-09-10 17:46 - 2013-09-13 21:05 - 00000000 ____D C:\Windows\system32\MRT 2013-08-31 02:14 - 2013-08-31 02:14 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 08215992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2013-08-31 02:11 - 2013-08-31 02:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2013-08-31 01:48 - 2013-08-31 01:48 - 00229376 _____ C:\Windows\system32\clinfo.exe 2013-08-31 01:48 - 2013-08-31 01:48 - 00127488 _____ (AMD) C:\Windows\system32\coinst_13.152.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2013-08-31 01:45 - 2013-08-31 01:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2013-08-31 01:43 - 2013-08-31 01:43 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2013-08-31 01:43 - 2013-08-31 01:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-08-31 01:35 - 2013-08-31 01:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\SysWOW64\atiapfxx.blb 2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\system32\atiapfxx.blb 2013-08-31 01:18 - 2013-08-31 01:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe 2013-08-31 01:18 - 2013-08-31 01:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2013-08-31 01:17 - 2013-08-31 01:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2013-08-31 01:14 - 2013-08-31 01:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2013-08-31 01:13 - 2013-08-31 01:13 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2013-08-31 01:04 - 2013-08-31 01:04 - 03388672 _____ C:\Windows\system32\atiumd6a.cap 2013-08-31 00:59 - 2013-08-31 00:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2013-08-31 00:58 - 2013-08-31 00:58 - 00571904 _____ (AMD) C:\Windows\system32\atieclxx.exe 2013-08-31 00:58 - 2013-08-31 00:58 - 00026112 _____ (AMD) C:\Windows\system32\atimuixx.dll 2013-08-31 00:57 - 2013-08-31 00:57 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2013-08-31 00:56 - 2013-08-31 00:56 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll 2013-08-31 00:50 - 2013-08-31 00:50 - 03422720 _____ C:\Windows\SysWOW64\atiumdva.cap 2013-08-31 00:33 - 2013-08-31 00:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2013-08-31 00:33 - 2013-08-31 00:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2013-08-31 00:33 - 2013-08-31 00:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2013-08-31 00:32 - 2013-08-31 00:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2013-08-30 19:58 - 2013-08-30 19:58 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll 2013-08-30 19:53 - 2013-08-30 19:53 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll 2013-08-27 21:06 - 2013-08-27 21:06 - 00233652 _____ C:\Windows\system32\ativvaxy_cik.dat 2013-08-27 19:27 - 2013-08-27 19:27 - 00082336 _____ C:\Windows\system32\ativce02.dat 2013-08-26 12:06 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-26 12:06 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-26 12:06 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-26 12:06 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-26 12:06 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-26 12:06 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-26 12:06 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-26 12:06 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-26 12:06 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-26 12:06 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-26 12:05 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-26 12:05 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-26 12:05 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-26 12:05 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-26 12:05 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-26 12:05 - 2013-06-15 06:35 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2013-08-26 12:05 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-25 13:11 - 2012-09-29 16:41 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000UA.job 2013-09-25 13:08 - 2013-09-25 13:08 - 00001532 _____ C:\Users\*****\Desktop\JRT.txt 2013-09-25 13:06 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-25 13:06 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-25 13:03 - 2013-09-25 13:03 - 00001443 _____ C:\Users\*****\Desktop\JRT.exe - Verknüpfung.lnk 2013-09-25 13:03 - 2013-09-25 13:03 - 00000000 ____D C:\Windows\ERUNT 2013-09-25 13:02 - 2013-09-24 15:48 - 00158771 _____ C:\Windows\WindowsUpdate.log 2013-09-25 13:02 - 2012-01-22 19:07 - 00000000 ___RD C:\Users\*****\Sicherheit 2013-09-25 13:01 - 2012-09-17 17:46 - 00000000 ____D C:\ProgramData\ABBYY 2013-09-25 12:59 - 2013-09-24 16:13 - 00001008 _____ C:\Windows\setupact.log 2013-09-25 12:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-25 12:57 - 2013-09-25 12:54 - 00000000 ____D C:\AdwCleaner 2013-09-24 22:28 - 2012-09-29 22:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-24 19:09 - 2011-01-03 19:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2013-09-24 17:28 - 2009-07-14 19:58 - 00699154 _____ C:\Windows\system32\perfh007.dat 2013-09-24 17:28 - 2009-07-14 19:58 - 00149294 _____ C:\Windows\system32\perfc007.dat 2013-09-24 17:28 - 2009-07-14 07:13 - 01619544 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-24 16:44 - 2011-02-27 17:47 - 00001912 _____ C:\Windows\epplauncher.mif 2013-09-24 16:44 - 2011-02-27 17:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2013-09-24 16:38 - 2013-09-24 16:38 - 00000000 ____D C:\FRST 2013-09-24 16:35 - 2013-09-24 16:35 - 00000020 _____ C:\Users\*****\defogger_reenable 2013-09-24 16:35 - 2010-12-29 16:22 - 00000000 ____D C:\Users\***** 2013-09-24 16:13 - 2013-09-24 16:13 - 00003722 _____ C:\Windows\PFRO.log 2013-09-24 16:13 - 2013-09-24 16:13 - 00000000 _____ C:\Windows\setuperr.log 2013-09-24 16:04 - 2011-02-27 18:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-24 16:02 - 2013-02-10 11:39 - 00096256 ___SH C:\Users\*****\Thumbs.db 2013-09-24 15:48 - 2011-03-01 12:46 - 00000000 ____D C:\Windows\Minidump 2013-09-24 15:43 - 2013-09-24 15:42 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-09-24 15:39 - 2010-12-29 16:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-24 15:36 - 2010-12-29 16:44 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-09-24 15:32 - 2013-09-24 15:32 - 00000000 ____D C:\ProgramData\ATI 2013-09-24 15:31 - 2013-09-24 15:31 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309241531329455.log 2013-09-24 15:31 - 2013-09-24 15:31 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-09-24 15:31 - 2012-11-11 11:32 - 00000000 ____D C:\ProgramData\AMD 2013-09-24 15:30 - 2010-12-29 16:33 - 00000000 ____D C:\Program Files\ATI Technologies 2013-09-24 15:24 - 2013-09-24 15:18 - 00000000 ____D C:\ProgramData\Package Cache 2013-09-24 15:22 - 2011-02-27 17:47 - 01584728 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-24 14:57 - 2013-09-24 14:57 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-24 14:57 - 2013-09-24 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-24 14:57 - 2012-12-09 14:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-24 14:56 - 2013-09-24 14:56 - 00281896 _____ (Mozilla) C:\Users\*****\Downloads\Firefox Setup Stub 24.0.exe 2013-09-24 14:55 - 2013-09-24 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\Win7codecs 2013-09-24 14:55 - 2010-12-30 13:53 - 00000000 ____D C:\ProgramData\Win7codecs 2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Program Files (x86)\FinalWire 2013-09-24 14:35 - 2013-09-24 14:34 - 15273288 _____ (FinalWire Ltd. ) C:\Users\*****\Downloads\aida64extreme320.exe 2013-09-24 14:11 - 2012-09-29 16:41 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000Core.job 2013-09-24 13:59 - 2012-03-04 19:04 - 00000000 ____D C:\Users\*****\AppData\Roaming\GHISLER 2013-09-24 13:58 - 2012-02-10 11:52 - 00000000 ____D C:\Users\*****\AppData\Local\Samsung 2013-09-24 13:58 - 2012-02-09 13:50 - 00000000 ____D C:\ProgramData\Samsung 2013-09-24 13:55 - 2012-01-22 17:14 - 00000000 ____D C:\Program Files (x86)\Polar 2013-09-24 13:54 - 2013-01-01 17:17 - 00000000 ____D C:\ProgramData\BlueStacks 2013-09-24 13:54 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2013-09-24 13:51 - 2012-04-06 09:48 - 00000000 ____D C:\Users\*****\AppData\Local\Thunderbird 2013-09-24 13:44 - 2011-11-27 16:31 - 00000000 ____D C:\Program Files (x86)\JDownloader 2013-09-24 13:42 - 2012-05-16 11:39 - 00000000 ____D C:\Users\*****\AppData\Roaming\uTorrent 2013-09-22 14:17 - 2013-09-20 17:36 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-09-20 16:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-20 14:28 - 2013-09-10 18:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-09-20 14:28 - 2012-09-29 22:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 14:28 - 2012-09-29 22:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 14:28 - 2011-11-18 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-13 21:28 - 2010-12-29 16:23 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-13 21:28 - 2010-12-29 16:23 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-13 21:28 - 2009-07-14 06:45 - 00340120 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-13 21:05 - 2013-09-10 17:46 - 00000000 ____D C:\Windows\system32\MRT 2013-09-13 21:02 - 2011-03-06 11:34 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-13 21:02 - 2011-01-09 16:49 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-11 16:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-31 02:14 - 2013-08-31 02:14 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2013-08-31 02:14 - 2010-11-26 04:16 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 08215992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2013-08-31 02:13 - 2013-08-31 02:13 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2013-08-31 02:13 - 2010-11-26 04:57 - 01233080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2013-08-31 02:13 - 2010-11-26 04:40 - 09464840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2013-08-31 02:11 - 2013-08-31 02:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2013-08-31 01:48 - 2013-08-31 01:48 - 00229376 _____ C:\Windows\system32\clinfo.exe 2013-08-31 01:48 - 2013-08-31 01:48 - 00127488 _____ (AMD) C:\Windows\system32\coinst_13.152.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe 2013-08-31 01:47 - 2013-08-31 01:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2013-08-31 01:47 - 2013-08-31 01:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2013-08-31 01:45 - 2013-08-31 01:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2013-08-31 01:43 - 2013-08-31 01:43 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2013-08-31 01:43 - 2013-08-31 01:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-08-31 01:35 - 2013-08-31 01:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\SysWOW64\atiapfxx.blb 2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\system32\atiapfxx.blb 2013-08-31 01:18 - 2013-08-31 01:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe 2013-08-31 01:18 - 2013-08-31 01:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2013-08-31 01:18 - 2013-08-31 01:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2013-08-31 01:17 - 2013-08-31 01:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2013-08-31 01:14 - 2013-08-31 01:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2013-08-31 01:13 - 2013-08-31 01:13 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2013-08-31 01:04 - 2013-08-31 01:04 - 03388672 _____ C:\Windows\system32\atiumd6a.cap 2013-08-31 00:59 - 2013-08-31 00:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2013-08-31 00:58 - 2013-08-31 00:58 - 00571904 _____ (AMD) C:\Windows\system32\atieclxx.exe 2013-08-31 00:58 - 2013-08-31 00:58 - 00026112 _____ (AMD) C:\Windows\system32\atimuixx.dll 2013-08-31 00:57 - 2013-08-31 00:57 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2013-08-31 00:56 - 2013-08-31 00:56 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll 2013-08-31 00:50 - 2013-08-31 00:50 - 03422720 _____ C:\Windows\SysWOW64\atiumdva.cap 2013-08-31 00:33 - 2013-08-31 00:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2013-08-31 00:33 - 2013-08-31 00:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2013-08-31 00:33 - 2013-08-31 00:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2013-08-31 00:32 - 2013-08-31 00:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2013-08-30 19:58 - 2013-08-30 19:58 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll 2013-08-30 19:53 - 2013-08-30 19:53 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll 2013-08-27 21:06 - 2013-08-27 21:06 - 00233652 _____ C:\Windows\system32\ativvaxy_cik.dat 2013-08-27 19:27 - 2013-08-27 19:27 - 00082336 _____ C:\Windows\system32\ativce02.dat 2013-08-27 14:08 - 2013-09-24 15:34 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2013-08-27 14:08 - 2013-09-24 15:34 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2013-08-27 14:08 - 2013-09-24 15:34 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2013-08-26 11:58 - 2011-01-14 19:06 - 00000000 ____D C:\Program Files\Lx_cats Some content of TEMP: ==================== C:\Users\*****\AppData\Local\Temp\Quarantine.exe C:\Users\*****\AppData\Local\Temp\SpotifyUninstall.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-21 12:56 ==================== End Of Log ============================ |
25.09.2013, 18:22 | #4 |
/// the machine /// TB-Ausbilder | Windows 7 64bit: PC langsam und 50000 .tmp DateinESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |