| |
| |||||||
Log-Analyse und Auswertung: Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
14.02.2014, 15:12
| #1 |
 |  Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) Hallo Leute Ich hab leider schon wieder 3 Funde mit Emsisoft Antimalware. 1) Adware.Win32.Adlop 2) Setting.DisableTaskMgr 3) Setting.DisableRegistryTools Anbei der Logfile. Vielen Dank schon einmal im vorraus Code:
ATTFilter Emsisoft Anti-Malware - Version 8.1
Letztes Update: 14.02.2014 12:36:09
Benutzerkonto: Chris-PC\Chris
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
PUPs-Erkennung: Aus
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan Beginn: 14.02.2014 12:49:24
C:\Program Files (x86)\creati~1\ gefunden: Adware.Win32.Adlop (A)
Value: HKEY_USERS\S-1-5-21-2700037141-328788384-127891080-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-2700037141-328788384-127891080-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS gefunden: Setting.DisableRegistryTools (A)
Gescannt 653150
Gefunden 3
Scan Ende: 14.02.2014 15:07:11
Scan Zeit: 2:17:47
|
|
14.02.2014, 17:22
| #2 |
| /// the machine /// TB-Ausbilder    |  Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) hi,
__________________Emsi hatte nen riesen Update in Sachen PUP und Adware. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
14.02.2014, 19:35
| #3 | |
| | Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop)Zitat:
Hier die Logs: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Chris (administrator) on CHRIS-PC on 14-02-2014 19:28:06
Running from C:\Users\Chris\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Andere\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Panda Security) C:\Program Files (x86)\Andere\Panda USB Vaccine\USBVaccine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Sandboxie Holdings, LLC) C:\Program Files\Andere\Sandboxie\SbieCtrl.exe
(FileHippo.com) C:\Program Files (x86)\Andere\FileHippo.com\UpdateChecker.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Sitecom Europe BV) C:\Program Files (x86)\Sitecom\Common\RaUI.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Valve Corporation) C:\Program Files (x86)\Andere\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [KMCONFIG] - "C:\Program Files (x86)\Spiele\Mouse Driver\StartAutorun.exe" KMConfig.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\Andere\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-06] (Microsoft Corporation)
HKU\S-1-5-21-2700037141-328788384-127891080-1000\...\Run: [SandboxieControl] - C:\Program Files\Andere\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2700037141-328788384-127891080-1000\...\Run: [FileHippo.com] - C:\Program Files (x86)\Andere\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-2700037141-328788384-127891080-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\Andere\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2700037141-328788384-127891080-1000\...\Run: [] - C:\Program Files (x86)\Andere\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-2700037141-328788384-127891080-1000\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2013-09-26] (Siber Systems)
HKU\S-1-5-21-2700037141-328788384-127891080-1000\...\Run: [Raptr] - C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-01-23] (Raptr, Inc)
HKU\S-1-5-21-2700037141-328788384-127891080-1000\...\MountPoints2: {c3ecfcb8-65cd-11e3-8d4c-1c6f65806f76} - G:\HTC_Sync_Manager_PC.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.roboform.com
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: hxxp://start.roboform.com
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (RoboForm Plugin for Google Chrome/Opera/etc.) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/np-rf-plugin.dll (Siber Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Andere\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Andere\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Andere\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Andere\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Andere\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Battlelog Game Launcher) - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Andere\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (ProxTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-07-01]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-06]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-06]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2013-09-27]
CHR Extension: (HTTPS Everywhere) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-06-10]
CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-10]
CHR Extension: (Google Maps) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-07-05]
CHR Extension: (Ghostery) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-06-10]
CHR Extension: (Unofficial Walking Dead Theme) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncieondinlhgaapbkmbnmdmmamchoiin [2013-06-06]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-06]
==================== Services (Whitelisted) =================
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
S2 NETGEARGenieDaemon; C:\Program Files (x86)\Andere\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-09-12] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe [185632 2009-10-20] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe [212256 2009-10-20] (Ralink Technology, Corp.)
R2 SbieSvc; C:\Program Files\Andere\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
==================== Drivers (Whitelisted) ====================
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-26] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40808 2013-12-15] (Google Inc)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-18] (DT Soft Ltd)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 SbieDrv; C:\Program Files\Andere\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-14 19:28 - 2014-02-14 19:28 - 00015576 _____ () C:\Users\Chris\Desktop\FRST.txt
2014-02-14 19:28 - 2014-02-14 19:28 - 00000000 ____D () C:\FRST
2014-02-14 19:27 - 2014-02-14 19:27 - 02152960 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2014-02-14 15:12 - 2014-02-14 15:12 - 00000000 ____D () C:\Users\Chris\Desktop\Neuer Ordner
2014-02-14 12:45 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-14 12:45 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-14 12:45 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-14 12:45 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-14 12:45 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-14 12:45 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-14 12:45 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-14 12:45 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-14 12:45 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-14 12:45 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-14 12:45 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-14 12:45 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-14 12:45 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-14 12:45 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-14 12:45 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-14 12:45 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-14 12:45 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-14 12:45 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-14 12:44 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-14 12:44 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-14 01:22 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 01:22 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 01:21 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 01:21 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 01:21 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 01:21 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 01:21 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 01:21 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 01:21 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 01:21 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 01:21 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 01:21 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 01:21 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 01:21 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 01:21 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 01:21 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 01:21 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 01:21 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 01:21 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 01:21 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 01:21 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 01:21 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 01:21 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 01:21 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 01:21 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 01:21 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 01:21 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 01:21 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 01:21 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 01:21 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 01:21 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 01:21 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 01:21 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 01:21 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 01:21 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 01:21 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 01:21 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 01:21 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 01:21 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 01:21 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 01:21 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 23:00 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 23:00 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 23:00 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 23:00 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 23:00 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 23:00 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 23:00 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 23:00 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 23:00 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 23:00 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 23:00 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 23:00 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 23:00 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 23:00 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 23:00 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 23:00 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 23:00 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 23:00 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 23:00 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 23:00 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 23:00 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 23:00 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 23:00 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 23:00 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 23:00 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 23:00 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 23:00 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 23:00 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-10 22:45 - 2014-02-10 22:45 - 00078828 _____ () C:\EamClean.log
2014-02-05 19:31 - 2014-02-05 19:31 - 03544968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-05 17:15 - 2014-02-05 17:15 - 00055617 _____ () C:\Windows\SysWOW64\CCCInstall_201402051715332678.log
2014-02-05 17:15 - 2014-02-05 17:15 - 00000000 ____D () C:\ProgramData\ATI
2014-02-05 17:15 - 2014-02-05 17:15 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-02-05 17:13 - 2014-02-05 17:13 - 00000000 ____D () C:\Program Files\AMD
2014-02-05 17:09 - 2014-02-05 17:09 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-02-05 17:09 - 2014-02-05 17:09 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\library_dir
2014-02-05 17:08 - 2014-02-14 16:48 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Raptr
2014-02-05 17:08 - 2014-02-05 17:09 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-02-05 17:08 - 2014-02-05 17:08 - 01012920 _____ () C:\Users\Chris\Downloads\amddriverdownloader.exe
2014-02-02 14:01 - 2014-02-04 18:24 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\IcoFX2X
2014-02-02 14:01 - 2014-02-02 14:01 - 00000000 ____D () C:\ProgramData\IcoFX2X
2014-02-02 14:01 - 2014-02-02 14:01 - 00000000 ____D () C:\Program Files (x86)\IcoFX 2
2014-01-18 23:43 - 2014-01-18 23:43 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-01-18 21:35 - 2014-02-14 18:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-18 21:35 - 2014-02-05 19:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 21:35 - 2014-02-05 19:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 21:35 - 2014-02-05 19:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-17 14:13 - 2014-01-17 14:13 - 00001336 _____ () C:\Users\Public\Desktop\DayZ Commander.lnk
2014-01-17 14:13 - 2014-01-17 14:13 - 00000000 ____D () C:\Users\Chris\AppData\Local\DayZCommander
2014-01-17 14:13 - 2014-01-17 14:13 - 00000000 ____D () C:\Program Files (x86)\Dotjosh Studios
2014-01-17 14:12 - 2014-01-17 14:12 - 02945024 _____ () C:\Users\Chris\Downloads\Dotjosh.DayZCommander.Installer.msi
2014-01-17 14:06 - 2014-01-24 23:21 - 00000000 ____D () C:\Users\Chris\AppData\Local\ArmA 2 OA
2014-01-17 14:01 - 2014-01-19 00:10 - 00000000 ____D () C:\Users\Chris\Documents\ArmA 2
2014-01-17 14:01 - 2014-01-17 14:06 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-01-17 14:01 - 2014-01-17 14:01 - 00000000 ____D () C:\Users\Chris\AppData\Local\ArmA 2
2014-01-15 22:40 - 2014-01-15 22:40 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-15 22:40 - 2014-01-15 22:40 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-15 22:40 - 2014-01-15 22:40 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-15 22:40 - 2014-01-15 22:40 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-15 22:40 - 2014-01-15 22:40 - 00000000 ____D () C:\Program Files\Java
2014-01-15 22:29 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 22:29 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 22:29 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 22:29 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 22:29 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 22:29 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 22:29 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 22:29 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 22:29 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
2014-02-14 19:28 - 2014-02-14 19:28 - 00015576 _____ () C:\Users\Chris\Desktop\FRST.txt
2014-02-14 19:28 - 2014-02-14 19:28 - 00000000 ____D () C:\FRST
2014-02-14 19:27 - 2014-02-14 19:27 - 02152960 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2014-02-14 19:10 - 2013-06-06 21:11 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-14 18:40 - 2013-06-06 22:11 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-14 18:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-14 18:31 - 2014-01-18 21:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-14 18:16 - 2013-06-06 21:11 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-14 16:48 - 2014-02-05 17:08 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Raptr
2014-02-14 15:12 - 2014-02-14 15:12 - 00000000 ____D () C:\Users\Chris\Desktop\Neuer Ordner
2014-02-14 12:55 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-14 12:55 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-14 12:52 - 2013-06-06 19:18 - 01755898 _____ () C:\Windows\WindowsUpdate.log
2014-02-14 12:48 - 2013-09-27 19:15 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\.oit
2014-02-14 12:47 - 2013-11-17 13:07 - 00022166 _____ () C:\Windows\setupact.log
2014-02-14 12:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-14 01:29 - 2013-07-13 00:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 01:27 - 2013-06-06 20:24 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 01:23 - 2013-11-05 18:06 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-14 01:23 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-14 01:23 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-14 01:23 - 2009-07-14 06:13 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 19:00 - 2013-06-06 19:39 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-02-11 18:05 - 2013-06-06 21:11 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 18:05 - 2013-06-06 21:11 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 22:55 - 2013-11-13 12:39 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Ghosts FoV Changer
2014-02-10 22:45 - 2014-02-10 22:45 - 00078828 _____ () C:\EamClean.log
2014-02-10 17:58 - 2013-06-06 22:18 - 00000827 _____ () C:\Users\Chris\Desktop\Chris.lnk
2014-02-07 13:46 - 2013-12-19 18:30 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\vlc
2014-02-06 17:12 - 2013-06-06 23:33 - 00003786 _____ () C:\Windows\Sandboxie.ini
2014-02-06 13:16 - 2014-02-14 01:21 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 01:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 01:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 01:21 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 01:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 01:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 01:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 01:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 01:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 01:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 01:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 01:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 01:21 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 01:21 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 01:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 01:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 01:21 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 01:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 01:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 01:21 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 01:21 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 01:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 01:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 01:21 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 01:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 01:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 01:21 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 01:21 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 01:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 01:21 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 01:21 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 01:21 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 01:21 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 01:21 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 01:21 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 01:21 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 01:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 01:21 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 01:21 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 19:31 - 2014-02-05 19:31 - 03544968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-05 19:31 - 2014-01-18 21:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 19:31 - 2014-01-18 21:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 19:31 - 2014-01-18 21:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 17:15 - 2014-02-05 17:15 - 00055617 _____ () C:\Windows\SysWOW64\CCCInstall_201402051715332678.log
2014-02-05 17:15 - 2014-02-05 17:15 - 00000000 ____D () C:\ProgramData\ATI
2014-02-05 17:15 - 2014-02-05 17:15 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-02-05 17:15 - 2013-06-06 19:37 - 00000000 ____D () C:\ProgramData\AMD
2014-02-05 17:15 - 2013-06-06 19:36 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-02-05 17:13 - 2014-02-05 17:13 - 00000000 ____D () C:\Program Files\AMD
2014-02-05 17:09 - 2014-02-05 17:09 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-02-05 17:09 - 2014-02-05 17:09 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\library_dir
2014-02-05 17:09 - 2014-02-05 17:08 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-02-05 17:08 - 2014-02-05 17:08 - 01012920 _____ () C:\Users\Chris\Downloads\amddriverdownloader.exe
2014-02-05 00:18 - 2013-06-07 21:19 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\TS3Client
2014-02-05 00:05 - 2013-06-07 01:00 - 00422661 _____ () C:\Windows\DirectX.log
2014-02-05 00:00 - 2013-06-07 00:32 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-02-04 22:32 - 2013-06-10 22:35 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-04 22:32 - 2013-06-07 01:05 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-04 22:32 - 2013-06-07 01:05 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-04 18:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-02-04 18:24 - 2014-02-02 14:01 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\IcoFX2X
2014-02-04 00:58 - 2013-06-06 21:48 - 00000000 ___RD () C:\Users\Chris\Desktop\Programme
2014-02-02 20:00 - 2013-06-07 00:30 - 00000000 ____D () C:\ProgramData\Origin
2014-02-02 15:43 - 2013-06-06 19:22 - 00000000 ___RD () C:\Users\Chris
2014-02-02 15:36 - 2014-01-05 16:55 - 00000000 ___RD () C:\Users\Chris\Desktop\ebay- PC-Spiele Chris
2014-02-02 15:36 - 2013-10-30 20:32 - 00000000 ___RD () C:\Users\Chris\Desktop\GTA
2014-02-02 15:35 - 2013-06-06 21:44 - 00000721 _____ () C:\Users\Chris\Desktop\Eigene Dateien (D).lnk
2014-02-02 14:43 - 2013-06-06 19:40 - 00000495 _____ () C:\Users\Chris\Desktop\Computer.lnk
2014-02-02 14:34 - 2013-06-07 21:18 - 00001468 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-02-02 14:23 - 2013-06-07 00:30 - 00001232 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-02-02 14:10 - 2013-06-07 00:32 - 00001233 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-02 14:01 - 2014-02-02 14:01 - 00000000 ____D () C:\ProgramData\IcoFX2X
2014-02-02 14:01 - 2014-02-02 14:01 - 00000000 ____D () C:\Program Files (x86)\IcoFX 2
2014-01-24 23:21 - 2014-01-17 14:06 - 00000000 ____D () C:\Users\Chris\AppData\Local\ArmA 2 OA
2014-01-20 15:28 - 2013-06-07 00:11 - 00000000 ____D () C:\Users\Chris\AppData\Local\Adobe
2014-01-20 09:38 - 2013-06-06 21:55 - 00305270 _____ () C:\Windows\PFRO.log
2014-01-19 00:10 - 2014-01-17 14:01 - 00000000 ____D () C:\Users\Chris\Documents\ArmA 2
2014-01-18 23:43 - 2014-01-18 23:43 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-01-18 21:28 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-17 14:13 - 2014-01-17 14:13 - 00001336 _____ () C:\Users\Public\Desktop\DayZ Commander.lnk
2014-01-17 14:13 - 2014-01-17 14:13 - 00000000 ____D () C:\Users\Chris\AppData\Local\DayZCommander
2014-01-17 14:13 - 2014-01-17 14:13 - 00000000 ____D () C:\Program Files (x86)\Dotjosh Studios
2014-01-17 14:12 - 2014-01-17 14:12 - 02945024 _____ () C:\Users\Chris\Downloads\Dotjosh.DayZCommander.Installer.msi
2014-01-17 14:06 - 2014-01-17 14:01 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-01-17 14:01 - 2014-01-17 14:01 - 00000000 ____D () C:\Users\Chris\AppData\Local\ArmA 2
2014-01-16 09:59 - 2013-06-06 20:06 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-15 22:41 - 2009-07-14 05:45 - 00305296 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 22:40 - 2014-01-15 22:40 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-15 22:40 - 2014-01-15 22:40 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-15 22:40 - 2014-01-15 22:40 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-15 22:40 - 2014-01-15 22:40 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-15 22:40 - 2014-01-15 22:40 - 00000000 ____D () C:\Program Files\Java
2014-01-15 22:40 - 2014-01-07 18:57 - 00000000 ____D () C:\Users\Chris\Downloads\Skyrim
2014-01-15 22:35 - 2013-12-08 16:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-15 22:34 - 2013-06-10 10:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\551a835cd3aeaee94f9e1e206c685299.dll
C:\Users\Chris\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Chris\AppData\Local\Temp\ose00000.exe
C:\Users\Chris\AppData\Local\Temp\Quarantine.exe
C:\Users\Chris\AppData\Local\Temp\raptrpatch.exe
C:\Users\Chris\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Chris\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Chris\AppData\Local\Temp\sonarinst.exe
C:\Users\Chris\AppData\Local\Temp\vlc-2.1.1-win64.exe
C:\Users\Chris\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\Chris\AppData\Local\Temp\_is2A99.exe
C:\Users\Chris\AppData\Local\Temp\_is3B89.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-10 10:51
==================== End Of Log ============================
--- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Chris at 2014-02-14 19:28:35
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 17 GER (Version: 17.0 - GRAPHISOFT)
Arma 2 (x32 Version: - Bohemia Interactive)
Arma 2: DayZ Mod (x32 Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (x32 Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (x32 Version: - )
Battlefield 1942™ (x32 Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.1.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (x32 Version: - )
BattlEye Uninstall (x32 Version: - )
Call of Duty: Black Ops II - Multiplayer (x32 Version: - )
Call of Duty: Black Ops II - Zombies (x32 Version: - )
Call of Duty: Black Ops II (x32 Version: - )
Call of Duty: Ghosts - Multiplayer (x32 Version: - )
Call of Duty: Ghosts (x32 Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (x32 Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 - Dedicated Server (x32 Version: - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (x32 Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (x32 Version: - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (x32 Version: 4.5.2.4291 - CDBurnerXP)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
CPUID HWMonitor 1.23 (Version: - )
Creative Systeminformationen (x32 Version: 1.10 - Creative Technology Limited)
Crysis®3 (x32 Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.47.1.0333 - Disc Soft Ltd)
DayZ Commander (x32 Version: 0.92.91 - Dotjosh Studios)
Dead Island (x32 Version: - Techland)
Dropbox (HKCU Version: 2.0.26 - Dropbox, Inc.)
Emsisoft Anti-Malware (x32 Version: 7.0 - Emsisoft GmbH)
Epson Benutzerhandbuch WF-2530 Series (x32 Version: - )
Epson Connect Guide (x32 Version: - )
Epson Event Manager (x32 Version: 3.01.0005 - Seiko Epson Corporation)
Epson FAX Utility (x32 Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2530 Series (x32 Version: - )
Epson PC-FAX Driver (x32 Version: - )
EPSON Scan (x32 Version: - Seiko Epson Corporation)
EPSON WF-2530 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
EpsonNet Print (x32 Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
FileHippo.com Update Checker (x32 Version: - )
Free Studio version 2013 (x32 Version: 6.1.2.610 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0 - Gameforge)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.00.0000 - Rockstar Games)
GTA IV Vehicle Mod Installer v1.5 (x32 Version: - MobileD2)
Hama Black Force Pad (x32 Version: 2007.01.01 - )
IcoFX 2.6 (x32 Version: - )
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Left 4 Dead 2 (x32 Version: - Valve)
Left 4 Dead 2 Beta (x32 Version: - )
LIMBO (x32 Version: - Playdead)
MATLAB R2012a (Version: 7.14 - The MathWorks, Inc.)
Max Payne 3 (x32 Version: - Rockstar Studios)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Need for Speed™ ProStreet (x32 Version: 1.0.1.0 - Electronic Arts)
NETGEAR Genie (x32 Version: 2.2.28.24.exe - NETGEAR Inc.)
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
Origin (x32 Version: 9.2.1.4399 - Electronic Arts, Inc.)
Panda USB Vaccine 1.0.1.4 (x32 Version: - Panda Security)
Paragon Backup & Recovery™ 2013 Free (x32 Version: 90.00.0003 - Paragon Software)
PAYDAY: The Heist (x32 Version: - OVERKILL Software)
PDF-Viewer (Version: 2.5.213.1 - Tracker Software Products Ltd)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Presto! PageManager 9.03 SE (x32 Version: 9.03.06 - Newsoft Technology Corporation)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Raptr (x32 Version: - )
Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (x32 Version: 1.006 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
RoboForm 7-9-2-2 (All Users) (x32 Version: 7-9-2-2 - Siber Systems)
Rockstar Games Social Club (x32 Version: 1.00.0000 - Rockstar Games)
S.K.I.L.L. - Special Force 2 (x32 Version: - )
Samsung Kies3 (x32 Version: 3.2.13114.22 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.13114.22 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.08 (64-bit) (Version: 4.08 - Sandboxie Holdings, LLC)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009 - Secunia)
Siemens NX 8.0 (Version: 8.0.0.25 - Siemens)
Sitecom Wireless Network 300N Adapter (x32 Version: 1.5.5.0 - Sitecom)
Sound Blaster Tactic(3D) Alpha (x32 Version: 1.0 - Creative Technology Limited)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (x32 Version: - Bethesda Game Studios)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
04-02-2014 23:04:44 DirectX wurde installiert
05-02-2014 16:10:21 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
05-02-2014 16:11:27 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
07-02-2014 13:39:05 Windows Update
11-02-2014 16:23:27 Windows Update
14-02-2014 00:20:52 Windows Update
14-02-2014 11:44:52 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02FDB864-D33B-4833-8955-C1410C38DAF4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {23E6FC4A-4C50-467D-AF28-237D7F7620A9} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMKJMMJJMJOJJJIMLMCNLJLMOJKJCNLMLMKMLMCNOJOJHMIMCNJMLJIMKMNMMMNJPMPMHMKJNJJNJICMIMCNGMCNNMFMGMCNOMPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMMJBJKJLIMJFMOMPMIMJNHICMMJBJKJLIMJJNBJCMMLHJNIGJMIJNKJCMJNNICMJNDJCMLJKJ"
Task: {414A968E-C6C4-4560-9819-D4D9518B2750} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-06] (Google Inc.)
Task: {53B4DC45-E9B9-435A-B71A-C4F66B445622} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-06] (Google Inc.)
Task: {826A6C55-E561-4EC9-A196-CA1457F267C0} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Andere\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {98906AFA-1564-45E1-B2D1-0814D895A3B5} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-09-26] (Siber Systems)
Task: {DE92F4F3-EDC7-4A38-85F8-CF4F282DA649} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-06-07 01:05 - 2013-09-12 00:01 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-14 15:09 - 2009-11-09 11:35 - 00913408 _____ () C:\Program Files (x86)\Sitecom\Common\RaWLAPI.dll
2013-09-27 19:13 - 2008-11-17 13:56 - 00102400 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\nsSign.dll
2013-09-27 19:13 - 2010-05-07 10:46 - 00057344 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PerformOcr.dll
2013-09-27 19:13 - 2010-12-23 12:17 - 00057344 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMISM.dll
2013-09-27 19:13 - 2007-03-30 09:24 - 00104528 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\Qem.dll
2013-09-27 19:13 - 2010-12-29 16:52 - 00147456 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMCommon.dll
2013-09-27 19:13 - 2008-08-25 16:19 - 00069632 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll
2013-09-27 19:13 - 2009-11-26 16:49 - 00081920 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\NetFun2k.dll
2013-09-27 19:13 - 2011-03-11 09:47 - 00151040 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\ScanModule.dll
2013-09-27 19:13 - 2009-09-09 13:44 - 00151552 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMANO.dll
2013-09-27 19:13 - 2007-03-30 08:49 - 00104528 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\ComClass.dll
2013-09-27 19:13 - 2010-11-30 15:42 - 00352256 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMTree.dll
2013-09-27 19:13 - 2010-10-22 09:01 - 00139264 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMSet.dll
2013-09-27 19:13 - 2010-12-29 17:32 - 00614400 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMDB_N.dll
2013-09-27 19:13 - 2009-08-06 09:22 - 00421888 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\FT.dll
2013-09-27 19:13 - 2010-09-09 17:00 - 00061440 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMINSO.dll
2013-09-27 19:13 - 2010-07-13 09:48 - 00106496 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMProp.dll
2013-09-27 19:13 - 2007-08-31 16:51 - 00040960 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMVoice.dll
2013-09-27 19:13 - 2010-09-08 16:10 - 00073728 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll
2013-09-27 19:13 - 2009-11-27 16:38 - 00331776 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMAppBar.dll
2013-09-27 19:13 - 2010-11-26 09:33 - 04583424 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMView.dll
2013-09-27 19:13 - 2007-03-30 09:01 - 00038992 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll
2013-09-27 19:13 - 2010-10-22 09:22 - 00090112 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMSave.dll
2013-09-27 19:13 - 2010-08-03 09:44 - 00049152 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMOffice.dll
2013-09-27 19:13 - 2010-09-26 10:13 - 00430080 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMPageVW.dll
2013-09-27 19:13 - 2010-03-02 14:09 - 00102400 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMDocVW.dll
2013-09-27 19:13 - 2009-06-26 08:03 - 00086016 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMApSet.dll
2013-09-27 19:13 - 2010-08-03 09:51 - 01036288 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll
2013-09-27 19:13 - 2009-12-04 16:20 - 00323584 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll
2013-09-27 19:13 - 2010-09-26 10:13 - 00184320 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMImgVW.dll
2013-09-27 19:13 - 2008-08-25 15:16 - 00040960 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMIEVW.dll
2013-09-27 19:13 - 2010-09-08 09:52 - 00036864 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMPDFView.dll
2013-09-27 19:13 - 2010-04-27 14:20 - 00065536 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMStatus.dll
2013-09-27 19:13 - 2011-01-21 14:05 - 00258048 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMScnSet.dll
2013-09-27 19:13 - 2007-03-30 08:57 - 00034896 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\Import.dll
2013-09-27 19:13 - 2010-11-26 09:45 - 00090112 _____ () C:\Program Files (x86)\Andere\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2012-06-22 22:53 - 2012-06-22 22:53 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2012-06-22 22:24 - 2012-06-22 22:24 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2012-06-22 22:39 - 2012-06-22 22:39 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2012-06-22 22:55 - 2012-06-22 22:55 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 20:01 - 2011-05-10 20:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2012-06-22 22:59 - 2012-06-22 22:59 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2012-10-27 08:53 - 2012-10-27 08:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-01-08 14:03 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Andere\Steam\libavresample-1.dll
2014-01-08 14:03 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Andere\Steam\libavutil-52.dll
2013-05-06 16:05 - 2014-01-11 00:33 - 00717312 _____ () C:\Program Files (x86)\Andere\Steam\SDL2.dll
2013-06-06 13:06 - 2014-01-27 20:02 - 01138088 _____ () C:\Program Files (x86)\Andere\Steam\bin\chromehtml.DLL
2013-03-26 15:16 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Andere\Steam\bin\libcef.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Andere\Steam\bin\avcodec-53.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Andere\Steam\bin\avutil-51.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Andere\Steam\bin\avformat-53.dll
2014-02-04 11:05 - 2014-02-02 00:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-04 11:05 - 2014-02-02 00:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-04 11:05 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 11:05 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 11:05 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/14/2014 07:25:16 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/14/2014 03:19:57 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/14/2014 03:18:07 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/13/2014 01:24:31 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/12/2014 06:35:12 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/12/2014 09:59:20 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/11/2014 05:24:30 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/10/2014 10:47:41 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/10/2014 10:41:43 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/07/2014 07:27:28 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
System errors:
=============
Error: (02/14/2014 00:54:34 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (02/14/2014 00:54:34 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (02/14/2014 00:54:30 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (02/14/2014 00:54:26 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (02/14/2014 00:54:15 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (02/14/2014 00:54:15 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (02/14/2014 00:47:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NETGEARGenieDaemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/14/2014 00:47:49 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NETGEARGenieDaemon erreicht.
Error: (02/14/2014 00:39:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NETGEARGenieDaemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/14/2014 00:39:01 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NETGEARGenieDaemon erreicht.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 34%
Total physical RAM: 8151.49 MB
Available physical RAM: 5331.86 MB
Total Pagefile: 16301.16 MB
Available Pagefile: 12628.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:585.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:232.88 GB) (Free:112.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00060E90)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: D278C47A)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
15.02.2014, 18:03
| #4 |
| /// the machine /// TB-Ausbilder | Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) Das bedeutet es wurde eine GRoße Menge an Signaturen zusätzlich eingebaut, was gut ist  Alles gut, lass die Funde von Emsisoft löschen, dann passt das
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.02.2014, 23:19
| #5 |
| | Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) Ok. Ich habe die Funde gelöscht. Komischerweise wurde die Adware nicht mehr gefunden. Hatte erst nur per Schnellscan (die Adware wurde dabei nicht entdeckt) die beiden Settings gelöscht und danach beim kompletten Scan wurde die Adware ebenfalls nicht gefunden. |
|
16.02.2014, 08:13
| #6 |
| /// the machine /// TB-Ausbilder | Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) passt doch
__________________ --> Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) |
|
16.02.2014, 21:01
| #7 |
| | Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) Super. Dann vielen Dank für die schnelle Hilfe und schönes Restwochenende noch. Mfg |
|
17.02.2014, 14:27
| #8 |
| /// the machine /// TB-Ausbilder | Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) |
| 80-100, adware.win32.adlop, anti-malware, caching, code, emsisoft, emsisoft anti-malware, festplattenzugriff, files, gen, methode, platte, program, setting.disableregistrytools, setting.disabletaskmgr, software, speicher, traces, update, users, windows, zugriff |
Linear-Darstellung
