|
Pests of all kinds and how to fight them: AdwCleaner found a key that I cannot place. Windows 7 |
01.06.2014, 09:49 | #1 | ||
| Morning everyone. Earlier I ran a scan with AdwCleaner just for fun, to check my system. It did find something. AdwCleaner gave me Quote:
I cannot match this key to anything on my system. But when I asked Dr. Google what this key means, I was told the following Quote:
I don't know, and I would like to hear other opinions, since my knowledge is exhausted. |
01.06.2014, 11:25 | #2 |
/// TB trainer | Hi,
this seems to be a false positive; I think Xplode will certainly fix it in the next version. Any other problems or anomalies with the computer? |
01.06.2014, 12:37 | #3 | |
| Quote:
Good question... well, I haven't noticed anything major, and neither my AVG Internet Security nor MBAM found anything suspicious. I've been working with PCs for several years, so I would hope that I'd notice something. Otherwise I hadn't planned to run through your tools, since I think the programs mentioned above are enough? :-) If you have a small hint, feel free to share it with me; I'm always open to a second opinion. |
01.06.2014, 12:58 | #4 |
/// TB trainer | Hi, that all sounds good to me. I'm glad we could help. In this forum you can leave brief feedback on the cleanup, if you like: Praise, Criticism and Requests. To do so, click the "NEUES THEMA" ("New topic") button and post a short piece of feedback. Thank you very much! This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create your own thread. |
01.06.2014, 13:25 | #5 |
| FRST Logfile: Code:
() C:\Users\Public\Desktop\CCleaner.lnk 2014-05-13 20:57 - 2014-05-24 01:37 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-13 20:57 - 2014-05-13 20:57 - 00002788 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-05-13 20:57 - 2014-05-13 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-05-13 20:53 - 2014-06-01 10:36 - 00000000 ____D () C:\AdwCleaner 2014-05-13 20:14 - 2014-05-13 20:14 - 00000000 ____D () C:\ProgramData\Mozilla 2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys 2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys 2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) 
C:\Windows\system32\Drivers\avgrkx64.sys 2014-05-08 21:59 - 2014-05-13 20:59 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla 2014-05-08 21:59 - 2014-05-08 21:59 - 00003190 _____ () C:\Windows\System32\Tasks\{689844A1-C072-4532-8835-494A49CBCB94} 2014-05-08 21:40 - 2014-05-08 21:40 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014 2014-05-08 21:39 - 2014-05-13 20:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-08 21:39 - 2014-05-08 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 2014-05-08 21:37 - 2014-05-14 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-05-08 21:37 - 2014-05-08 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2014-05-08 21:37 - 2014-05-08 21:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-05-08 21:37 - 2014-05-08 21:37 - 00000000 ____D () C:\Program Files (x86)\PDF24 2014-05-08 21:36 - 2014-05-25 11:13 - 00000000 ____D () C:\Program Files\Google 2014-05-08 21:35 - 2014-05-25 11:13 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-08 21:34 - 2014-06-01 13:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-08 21:34 - 2014-05-27 13:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-08 21:31 - 2014-05-28 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-05-08 21:31 - 2014-05-25 13:17 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\TuneUp Software 2014-05-08 21:31 - 2014-05-08 21:33 - 00000000 ____D () C:\ProgramData\AVG2014 2014-05-08 21:31 - 2014-05-08 21:31 - 00000000 ___HD () C:\$AVG 2014-05-08 21:31 - 2014-05-08 21:31 - 00000000 ____D () C:\Program Files (x86)\AVG 2014-05-08 21:23 - 2014-05-08 21:23 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia 2014-05-08 21:20 - 2014-06-01 13:33 - 00000000 ____D () 
C:\ProgramData\MFAData 2014-05-08 20:50 - 2014-05-24 14:55 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Audacity 2014-05-08 20:50 - 2014-05-08 20:50 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2014-05-08 20:50 - 2014-05-08 20:50 - 00000000 ____D () C:\Program Files (x86)\Audacity 2014-05-08 20:35 - 2014-05-08 20:35 - 00000000 ___HD () C:\System.sav 2014-05-08 14:49 - 2012-03-05 20:35 - 02239872 _____ (Hewlett-Packard Company) C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HPSoftwareSetup.exe ==================== One Month Modified Files and Folders ======= 2014-06-01 14:15 - 2014-06-01 14:15 - 00009754 _____ () C:\Users\Administrator\Desktop\FRST.txt 2014-06-01 14:15 - 2014-06-01 14:15 - 00000000 ____D () C:\FRST 2014-06-01 14:15 - 2014-04-25 09:30 - 00000000 ____D () C:\Temp 2014-06-01 14:14 - 2014-06-01 14:14 - 02067456 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe 2014-06-01 13:46 - 2014-05-08 21:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-01 13:33 - 2014-05-08 21:20 - 00000000 ____D () C:\ProgramData\MFAData 2014-06-01 13:29 - 2014-05-13 21:03 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Spotify 2014-06-01 12:25 - 2014-04-25 09:54 - 01895499 _____ () C:\Windows\WindowsUpdate.log 2014-06-01 11:44 - 2014-05-31 10:19 - 00000672 _____ () C:\Windows\setupact.log 2014-06-01 11:05 - 2014-06-01 11:05 - 00002438 _____ () C:\Users\Administrator\Desktop\Tiberum Sun.lnk 2014-06-01 10:36 - 2014-05-13 20:53 - 00000000 ____D () C:\AdwCleaner 2014-06-01 09:37 - 2014-06-01 09:34 - 38317276 _____ () C:\Users\Administrator\Downloads\Tulisa Amateur Tape (Full version).rar 2014-06-01 09:17 - 2009-07-14 06:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-01 09:17 - 2009-07-14 06:45 - 00016768 ____H () 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-01 09:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-31 10:49 - 2014-05-23 15:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-31 10:48 - 2014-05-26 19:48 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-31 10:48 - 2014-05-26 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-31 10:48 - 2014-05-26 19:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-31 10:19 - 2014-05-31 10:19 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-31 10:04 - 2014-04-25 11:04 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-31 10:01 - 2014-05-31 10:01 - 00961360 _____ (Chip Digital GmbH) C:\Users\Administrator\Downloads\HijackThis - CHIP-Installer.exe 2014-05-30 21:57 - 2014-05-16 11:55 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Skype 2014-05-30 20:18 - 2014-05-24 22:04 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mp3tag 2014-05-30 18:29 - 2014-05-30 18:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR 2014-05-30 18:28 - 2014-05-30 18:24 - 156406942 _____ () C:\Users\Administrator\Downloads\19608_clbndlx.rar 2014-05-30 13:44 - 2014-05-30 13:44 - 01916960 _____ () C:\Users\Administrator\Downloads\winrar-x64-51b4.exe 2014-05-30 13:44 - 2014-05-30 13:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-05-30 13:44 - 2014-05-30 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-05-30 13:44 - 2014-05-30 13:44 - 00000000 ____D () C:\Program Files\WinRAR 2014-05-30 12:33 - 2014-05-30 12:33 - 00818001 _____ () C:\Users\Administrator\Downloads\Unlocker1.9.1-x64.exe 2014-05-30 10:36 - 2014-04-28 08:50 - 00000000 ____D () 
C:\Users\Administrator\AppData\Roaming\hpqLog 2014-05-29 12:00 - 2014-05-29 11:52 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2014-05-29 11:42 - 2011-03-20 14:35 - 00699342 _____ () C:\Windows\system32\perfh007.dat 2014-05-29 11:42 - 2011-03-20 14:35 - 00149450 _____ () C:\Windows\system32\perfc007.dat 2014-05-29 11:42 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-28 21:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-28 12:23 - 2014-05-28 12:23 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software 2014-05-28 12:23 - 2014-05-28 12:23 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software 2014-05-28 12:23 - 2014-05-08 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-05-27 18:57 - 2014-05-27 18:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-05-27 15:05 - 2014-04-25 09:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-05-27 15:02 - 2014-05-27 15:00 - 00000000 ____D () C:\Users\Administrator\Documents\GTA Vice City User Files 2014-05-27 15:00 - 2014-05-27 15:00 - 00098304 _____ (Sony DADC Austria AG.) 
C:\Windows\SysWOW64\CmdLineExt.dll 2014-05-27 13:02 - 2014-05-08 21:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-27 13:02 - 2014-04-28 12:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-27 13:02 - 2014-04-28 12:10 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-26 19:42 - 2014-05-26 19:42 - 01327971 _____ () C:\Users\Administrator\Desktop\adwcleaner_3.211.exe 2014-05-26 09:01 - 2014-05-26 09:01 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-05-26 01:35 - 2009-07-14 06:45 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-26 01:31 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-05-25 18:55 - 2014-05-25 18:54 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Winamp 2014-05-25 18:54 - 2014-05-25 18:54 - 00000979 _____ () C:\Users\Public\Desktop\Winamp.lnk 2014-05-25 18:54 - 2014-05-25 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2014-05-25 18:54 - 2014-05-25 18:54 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-05-25 18:46 - 2014-05-25 18:46 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-05-25 18:46 - 2014-05-25 18:46 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-05-25 18:46 - 2014-05-25 18:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-05-25 15:30 - 2014-05-25 15:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Greenshot 2014-05-25 15:29 - 2014-05-25 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot 2014-05-25 15:29 - 2014-05-25 15:29 - 00000000 ____D () C:\Program Files\Greenshot 2014-05-25 13:21 - 2014-05-25 13:21 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-05-25 13:21 - 2014-05-25 13:21 - 00003694 _____ () 
C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-05-25 13:21 - 2014-05-25 13:16 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-05-25 13:21 - 2014-04-28 08:50 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-25 13:17 - 2014-05-25 13:17 - 00002209 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk 2014-05-25 13:17 - 2014-05-25 13:17 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2014-05-25 13:17 - 2014-05-25 13:17 - 00002189 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk 2014-05-25 13:17 - 2014-05-25 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 2014-05-25 13:17 - 2014-05-25 13:17 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar 2014-05-25 13:17 - 2014-05-25 13:17 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2014-05-25 13:17 - 2014-05-25 13:16 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-05-25 13:17 - 2014-05-08 21:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\TuneUp Software 2014-05-25 13:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar 2014-05-25 11:13 - 2014-05-08 21:36 - 00000000 ____D () C:\Program Files\Google 2014-05-25 11:13 - 2014-05-08 21:35 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-24 21:00 - 2014-05-24 20:54 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\dBpoweramp 2014-05-24 20:58 - 2014-05-24 20:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AccurateRip 2014-05-24 20:53 - 2014-05-24 20:53 - 07261768 _____ () C:\Windows\SysWOW64\SpoonUninstall.exe 2014-05-24 20:53 - 2014-05-24 20:53 - 00017870 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp Music Converter.dat 2014-05-24 20:53 - 2014-05-24 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp Music 
Converter 2014-05-24 20:53 - 2014-05-24 20:53 - 00000000 ____D () C:\Program Files (x86)\Illustrate 2014-05-24 20:52 - 2014-05-24 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag 2014-05-24 20:52 - 2014-05-24 20:52 - 00000000 ____D () C:\Program Files (x86)\Mp3tag 2014-05-24 20:50 - 2014-05-24 20:50 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-05-24 20:50 - 2014-05-24 20:50 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\CyberLink 2014-05-24 19:58 - 2014-05-20 21:15 - 00000000 ____D () C:\Program Files (x86)\EA GAMES 2014-05-24 19:19 - 2014-05-24 19:19 - 00000040 _____ () C:\ProgramData\ra3.ini 2014-05-24 15:00 - 2014-05-24 13:42 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU 2014-05-24 14:56 - 2014-05-24 14:56 - 00000000 ____D () C:\Windows\ERUNT 2014-05-24 14:55 - 2014-05-08 20:50 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Audacity 2014-05-24 11:36 - 2014-05-24 11:21 - 00000000 ____D () C:\Users\Administrator\.gimp-2.8 2014-05-24 11:23 - 2014-05-24 11:23 - 00000000 ____D () C:\Users\Administrator\.thumbnails 2014-05-24 11:23 - 2014-04-28 08:49 - 00000000 ____D () C:\Users\Administrator 2014-05-24 11:20 - 2014-05-13 20:57 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-05-24 10:34 - 2014-05-24 10:34 - 00000000 ____D () C:\Program Files (x86)\dumps 2014-05-24 01:37 - 2014-05-13 20:57 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-24 01:35 - 2014-05-24 01:26 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS 2014-05-24 01:35 - 2014-05-23 13:27 - 00000000 ___RD () C:\Users\Administrator\Desktop\Games 2014-05-23 23:25 - 2014-05-23 23:01 - 00000032 _____ () C:\Users\Administrator\Desktop\shutdown timer.txt 2014-05-23 20:13 - 2014-05-23 20:13 - 00000425 _____ () C:\Windows\BRWMARK.INI 2014-05-23 20:13 - 2014-05-23 16:01 - 00000050 _____ () C:\Windows\system32\BRIDF10A.DAT 2014-05-23 18:18 - 2014-05-23 18:18 - 00004224 _____ () 
C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-23 18:18 - 2014-04-28 09:02 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-23 18:18 - 2014-04-28 09:02 - 00000000 ____D () C:\Program Files (x86)\Java 2014-05-23 17:28 - 2014-05-16 15:56 - 00000000 ____D () C:\Users\Administrator\Documents\Amnesia 2014-05-23 16:01 - 2014-05-23 16:01 - 00000000 ____D () C:\ProgramData\Brother 2014-05-23 15:46 - 2014-05-23 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-23 12:31 - 2014-05-13 20:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-22 21:25 - 2014-05-22 21:25 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-05-22 21:25 - 2014-05-22 21:25 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-05-22 21:25 - 2014-05-22 21:25 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Thunderbird 2014-05-22 21:25 - 2014-05-22 21:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-05-22 17:13 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-05-20 21:46 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-05-20 21:45 - 2014-05-20 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2014-05-20 21:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-20 21:39 - 2014-05-16 10:44 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-05-20 21:38 - 2014-05-16 10:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-05-20 21:29 - 2014-05-16 10:44 - 00000000 ____D () C:\Users\Administrator\Documents\EA Games 2014-05-16 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-16 16:04 - 2014-05-16 
15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent 2014-05-16 16:04 - 2014-05-16 15:48 - 00000000 ____D () C:\Program Files (x86)\Amnesia - The Dark Descent 2014-05-16 15:56 - 2014-05-16 15:56 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\fltk.org 2014-05-16 15:56 - 2014-05-16 15:56 - 00000000 ____D () C:\ProgramData\fltk.org 2014-05-16 14:10 - 2014-04-28 08:50 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 14:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-16 13:11 - 2014-04-25 11:16 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-16 12:54 - 2014-05-16 12:53 - 00000000 ____D () C:\Users\Administrator\Documents\RCT3 2014-05-16 12:53 - 2014-05-16 12:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Atari 2014-05-16 12:52 - 2014-05-16 12:52 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Leadertech 2014-05-16 12:51 - 2014-05-16 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari 2014-05-16 12:47 - 2014-05-16 12:47 - 00000000 ____D () C:\Program Files (x86)\Atari 2014-05-16 12:17 - 2014-05-16 12:17 - 00000981 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2014-05-16 12:17 - 2014-05-16 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2014-05-16 12:17 - 2014-05-16 12:17 - 00000000 ____D () C:\ProgramData\Last.fm 2014-05-16 12:17 - 2014-05-16 12:17 - 00000000 ____D () C:\Program Files (x86)\Last.fm 2014-05-16 12:14 - 2014-05-16 12:14 - 00000000 __RHD () C:\Users\Administrator\AppData\Roaming\SecuROM 2014-05-16 12:14 - 2014-05-16 12:14 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Red Alert 3 2014-05-16 11:55 - 2014-05-16 11:55 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-16 11:55 - 2014-05-16 11:55 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-05-16 
11:55 - 2014-05-16 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-16 11:55 - 2014-05-16 11:41 - 00000000 ____D () C:\ProgramData\Skype 2014-05-16 11:42 - 2014-05-16 11:42 - 00003156 _____ () C:\Windows\System32\Tasks\{EA7A2B63-00AF-4049-9E56-586E8394868D} 2014-05-16 11:31 - 2014-05-16 11:31 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts 2014-05-16 10:44 - 2014-05-16 10:44 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2014-05-16 09:49 - 2014-05-16 09:49 - 00000000 ____D () C:\Windows\Sun 2014-05-16 09:49 - 2014-05-16 09:49 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab 2014-05-16 09:49 - 2014-05-16 09:49 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab 2014-05-16 09:00 - 2011-03-20 13:56 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\WCN 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\sysprep 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\winrm 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\WCN 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\slmgr 2014-05-16 09:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2014-05-16 09:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2014-05-16 09:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-05-16 09:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2014-05-16 09:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files 
(x86)\Windows Defender 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing 2014-05-16 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-05-14 12:38 - 2014-05-08 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-05-14 12:37 - 2014-05-14 12:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc 2014-05-13 21:04 - 2014-05-13 21:04 - 00001807 _____ () C:\Users\Administrator\Desktop\Spotify.lnk 2014-05-13 21:04 - 2014-05-13 21:04 - 00001793 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-05-13 20:59 - 2014-05-13 20:59 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-05-13 20:59 - 2014-05-13 20:59 - 00001147 _____ () 
C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-05-13 20:59 - 2014-05-08 21:59 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla 2014-05-13 20:59 - 2014-05-08 21:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-13 20:57 - 2014-05-13 20:57 - 00002788 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-05-13 20:57 - 2014-05-13 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-05-13 20:57 - 2014-04-25 19:49 - 00000000 ____D () C:\Windows\Panther 2014-05-13 20:14 - 2014-05-13 20:14 - 00000000 ____D () C:\ProgramData\Mozilla 2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys 2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys 2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) 
C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-12 07:26 - 2014-05-26 19:48 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-26 19:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-26 19:48 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 18:31 - 2014-04-25 09:39 - 00000000 ____D () C:\Install
2014-05-09 18:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-09 08:14 - 2014-05-31 10:04 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-31 10:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 21:59 - 2014-05-08 21:59 - 00003190 _____ () C:\Windows\System32\Tasks\{689844A1-C072-4532-8835-494A49CBCB94}
2014-05-08 21:40 - 2014-05-08 21:40 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014
2014-05-08 21:39 - 2014-05-08 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
2014-05-08 21:37 - 2014-05-08 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-05-08 21:37 - 2014-05-08 21:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-05-08 21:37 - 2014-05-08 21:37 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-05-08 21:33 - 2014-05-08 21:31 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-08 21:31 - 2014-05-08 21:31 - 00000000 ___HD () C:\$AVG
2014-05-08 21:31 - 2014-05-08 21:31 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-08 21:23 - 2014-05-08 21:23 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-08 20:52 - 2014-04-28 09:02 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-08 20:50 - 2014-05-08 20:50 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-05-08 20:50 - 2014-05-08 20:50 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-05-08 20:37 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-08 20:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-05-08 20:36 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-08 20:35 - 2014-05-08 20:35 - 00000000 ___HD () C:\System.sav
2014-05-08 15:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-05-08 15:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-08 14:52 - 2014-04-25 09:53 - 00000000 ____D () C:\swsetup
2014-05-06 06:40 - 2014-05-16 13:11 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-16 13:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-16 13:11 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-16 13:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-16 13:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-16 13:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 17:12 - 2014-04-25 11:16 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 11:32

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014
Ran by Administrator at 2014-06-01 14:15:36
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.2 - Frictional Games)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Command & Conquer™ Alarmstufe Rot 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.2106 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.3207 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.3207 - CyberLink Corp.) Hidden
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 14.4 - Illustrate)
Die Sims 2: Wilde Campus-Jahre (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - )
Die Sims™ 2 (HKLM-x32\...\{2C82E097-694E-44ea-A947-2750679469CF}) (Version: - Electronic Arts)
Die Sims™ 2 Apartment-Leben (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
Greenshot 1.1.8.35 (HKLM\...\Greenshot_is1) (Version: 1.1.8.35 - Greenshot)
HP Connection Manager (HKLM-x32\...\{EC8D12E4-A73C-4C27-B1C7-E9683052E556}) (Version: 4.5.25.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{682FBA83-2CCA-4CFA-A08A-6767DAB2FC9C}) (Version: 2.5.0.16 - Hewlett-Packard Company)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 9.9.5 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (ARA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DAN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ESN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (FRA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTG) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
PDF24 Creator (HKLM-x32\...\{498E4DC3-6738-4DC1-A749-B0180C21656D}) (Version: 5.7.0 - www.pdf24.org)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {245E10BD-FB75-453E-BD4A-11A25CB69CFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {63E0E73A-1484-4DD7-B719-D04273E76F50} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1876255278-1789398484-159275977-500
Task: {68F498F3-3A55-4146-955D-FB257ED00D14} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6B60D2DF-AAF5-4F94-8879-9B329D912CEB} - System32\Tasks\{EA7A2B63-00AF-4049-9E56-586E8394868D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {7015DDAF-2833-4809-A61D-1D9EC97A4B81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-27] (Adobe Systems Incorporated)
Task: {B1032AA5-3923-46C0-A56E-40718A1BF595} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {DB842B9D-55F6-420D-B6AA-2C21B7A2162D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-04-15] (TuneUp Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-15 15:59 - 2014-04-15 15:59 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2012-02-10 14:26 - 2012-02-10 14:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-04-08 10:16 - 2013-04-08 10:16 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-05-16 12:17 - 2013-09-03 14:01 - 00736768 _____ () C:\Program Files (x86)\Last.fm\unicorn.dll
2014-05-16 12:17 - 2013-09-03 14:01 - 00032768 _____ () C:\Program Files (x86)\Last.fm\logger.dll
2014-05-16 12:17 - 2013-09-03 10:54 - 00351232 _____ () C:\Program Files (x86)\Last.fm\lastfm.dll
2014-05-16 12:17 - 2013-09-03 14:01 - 00126976 _____ () C:\Program Files (x86)\Last.fm\listener.dll
2014-05-16 12:17 - 2013-01-18 12:39 - 00302592 _____ () C:\Program Files (x86)\Last.fm\phonon.dll
2014-05-16 12:17 - 2013-01-18 12:49 - 00182784 _____ () C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2014-05-16 12:17 - 2012-12-13 01:12 - 00111104 _____ () C:\Program Files (x86)\Last.fm\libvlc.dll
2014-05-16 12:17 - 2012-12-13 01:13 - 02286592 _____ () C:\Program Files (x86)\Last.fm\libvlccore.dll
2014-05-16 12:17 - 2012-12-13 01:13 - 00049664 _____ () C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
2014-05-13 20:59 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-13 21:46 - 2014-05-27 13:02 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-06-01 13:31 - 2014-06-01 13:31 - 00014336 _____ () C:\Temp\WDE1B22.tmp\ml_online.lng
2014-06-01 13:31 - 2014-06-01 13:31 - 00036352 _____ () C:\Temp\WDE1B22.tmp\ombrowser.lng
2013-12-13 04:47 - 2013-12-13 04:47 - 00333824 _____ () C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Spotify => "C:\Users\Administrator\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2014 09:11:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 07:31:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 08:51:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 06:10:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 02:53:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:37:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:36:18 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2014 10:36:18 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2014 10:36:18 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2014 10:36:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)

System errors:
=============
Error: (05/30/2014 10:36:48 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (05/30/2014 10:36:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2014 10:36:18 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (05/28/2014 03:47:47 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (05/28/2014 03:47:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/28/2014 03:47:17 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (05/28/2014 01:06:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/26/2014 01:23:08 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (04:fe:31:48:0d:54) ist fehlgeschlagen.

Error: (05/26/2014 00:43:28 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (05/26/2014 00:43:28 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Microsoft Office Sessions:
=========================
Error: (06/01/2014 09:11:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 07:31:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 08:51:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 06:10:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 02:53:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:37:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:36:18 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2014 10:36:18 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2014 10:36:18 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/30/2014 10:36:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer

==================== Memory info ===========================

Percentage of memory in use: 55%
Total physical RAM: 3959.55 MB
Available physical RAM: 1759.21 MB
Total Pagefile: 7917.28 MB
Available Pagefile: 5324.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.45 GB) (Free:400.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 14537479)
Partition 1: (Active) - (Size=315 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================