|
Plagegeister aller Art und deren Bekämpfung: Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
06.08.2014, 09:01 | #1 |
| Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Hallo! Folgendes problem. Ich habe eine E-Mail bekommen, in der ich angeblich nachzahlungen zu erledigen hab. (Automatische Lastschrift konnte nicht durchgeführt werden 05.08.2014) Als anhang (hxxp://puu.sh/aGOBl/bb31f11fe4.png) war eine .zip datei hinterlegt, die ich ohne wirklich nachzudenken (kam gerade gestresst von der Arbeit ) heruntergeladen habe aber noch nicht geöffnet habe. Nun brauch ich eure Hilfe da ich mich nicht so gut auskenne wie einige von euch! Hab ich etwas zu befürchten? Welche schritte soll ich tun falls ja? Ich bedanke mich jetzt schon einmal! MfG Arthur~ Edit: Es ist 100%ig eine Fake-E-Mail, da ich nie was mit eBay zutun gehabt habe und dies eine @web.de E-Mail war . . . Geändert von nibu (06.08.2014 um 09:19 Uhr) |
06.08.2014, 09:24 | #2 |
/// TB-Ausbilder | Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet.Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags: So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Wir gucken mal kurz drüber: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
06.08.2014, 09:42 | #3 |
| Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Vielen dank für die schnelle antwort!
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014 Ran by Arthur (administrator) on ARTHUR-PC on 06-08-2014 10:34:59 Running from C:\Users\Arthur\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe (Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe (Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\puush\puush.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7512680 2011-10-25] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-07-15] (LogMeIn Inc.) HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] () HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2013-11-12] (Portrait Displays, Inc.) HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-23] (Microsoft Corporation) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1743552 2014-08-04] (Valve Corporation) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-04-19] () HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [GoogleChromeAutoLaunch_F60E728FC0755B5DBDB7EA812CDE9796] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\MountPoints2: E - E:\XeonKing.exe HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\MountPoints2: H - H:\setup.exe HKU\S-1-5-21-1559702124-2180151018-3086550288-1465\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) BootExecute: autocheck autochk * sh4native Sh4Removal ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x52BD7912E8B5CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{268E32A1-D16F-410C-A561-2276A5C9AFA5}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 FireFox: ======== FF ProfilePath: C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Arthur\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Yahoo! Toolbar - C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-07-23] FF Extension: MEGA - C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default\Extensions\firefox@mega.co.nz.xpi [2014-07-23] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Extension: (Turn Off the Lights) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-17] CHR Extension: (WOT) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-05-24] CHR Extension: (James White) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-05-18] CHR Extension: (Adblock Plus) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-17] CHR Extension: (Turn Off the Lights) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\labjanboighjienkhiabgpefblkbmemd [2014-05-17] CHR Extension: (Google Wallet) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20] CHR Extension: (Hover Zoom) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-07-04] CHR Extension: (Auto Refresh Plus) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-06-06] CHR HKCU\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27] CHR HKLM-x32\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27] CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-25] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-10-03] () [File not signed] R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2013-11-12] (Portrait Displays, Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-14] (LogMeIn, Inc.) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-05] () R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-25] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-25] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-25] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-25] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-25] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-25] () R3 hamachi; C:\Windows\System32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\GPCIDrv64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S3 TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [X] S3 USBMULCD; system32\drivers\CM10664.sys [X] S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-06 10:34 - 2014-08-06 10:35 - 00020328 _____ () C:\Users\Arthur\Downloads\FRST.txt 2014-08-06 10:34 - 2014-08-06 10:35 - 00000000 ____D () C:\FRST 2014-08-06 10:34 - 2014-08-06 10:34 - 02094080 _____ (Farbar) C:\Users\Arthur\Downloads\FRST64.exe 2014-08-06 10:15 - 2014-08-06 10:17 - 00011862 _____ () C:\Users\Arthur\Desktop\hijackthis.log 2014-08-06 09:27 - 2014-08-06 09:27 - 00000195 _____ () C:\Users\Arthur\Desktop\redditpost.txt 2014-08-05 11:55 - 2014-08-05 11:55 - 00019164 _____ () C:\Users\Arthur\AppData\Local\recently-used.xbel 2014-08-05 03:56 - 2014-08-05 03:56 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6 (1).rar 2014-08-05 03:41 - 2014-08-05 12:00 - 00000618 _____ () C:\Users\Arthur\Desktop\[box image dinger].txt 2014-08-05 03:33 - 2014-08-05 03:33 - 12067624 _____ () C:\Users\Arthur\Downloads\bestest+evar.rar 2014-08-04 18:31 - 2014-08-04 18:31 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6.rar 2014-08-04 07:38 - 2014-08-04 07:39 - 208775365 _____ () C:\Users\Arthur\Downloads\Approved #5.rar 2014-08-04 07:36 - 2014-08-04 07:38 - 199019790 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #322.rar 2014-08-04 07:35 - 2014-08-04 07:38 - 205572784 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #321.rar 2014-08-02 07:47 - 2014-08-02 07:47 - 23301624 _____ (ArenaNet) C:\Users\Arthur\Downloads\Gw2Setup.exe 2014-08-02 03:40 - 2014-08-02 03:40 - 01010652 _____ () C:\Users\Arthur\Downloads\Clonk-Clonk.rar 2014-08-02 03:16 - 2014-08-02 03:16 - 01726708 _____ () C:\Users\Arthur\Downloads\Red+as+fuck.osk 2014-08-02 02:11 - 2014-08-02 02:11 - 00001399 _____ () C:\Users\Arthur\Desktop\osuTrainer - Verknüpfung.lnk 2014-08-02 00:55 - 2014-08-02 00:55 - 31604446 _____ () C:\Users\Arthur\Downloads\Nara+4.7.zip 2014-08-02 00:55 - 2014-08-02 00:55 - 07135462 _____ () C:\Users\Arthur\Downloads\default.zip 2014-08-01 23:34 - 2014-08-01 23:34 - 00000000 ____D () C:\Users\Arthur\AppData\Local\osuTrainer 2014-08-01 23:33 - 2014-08-02 02:11 - 00000000 ____D () C:\Program Files (x86)\Osu!trainer 2014-08-01 23:32 - 2014-08-01 23:32 - 01277651 _____ () C:\Users\Arthur\Downloads\osuTrainer.zip 2014-07-31 23:48 - 2014-07-31 23:48 - 07694565 _____ () C:\Users\Arthur\Downloads\39043 Nicki Minaj - Super Bass.osz 2014-07-31 06:11 - 2014-07-31 06:11 - 04065865 _____ () C:\Users\Arthur\Downloads\28751 07th Expansion - rog-unlimitation.osz 2014-07-28 23:18 - 2014-07-28 23:18 - 00000219 _____ () C:\Users\Arthur\Desktop\Counter-Strike Global Offensive.url 2014-07-27 20:02 - 2014-07-27 20:03 - 00000000 ____D () C:\Users\Arthur\Documents\BFBC2 2014-07-27 20:01 - 2014-07-27 20:01 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe 2014-07-27 20:00 - 2014-07-27 20:00 - 00018511 _____ () C:\Windows\DirectX.log 2014-07-27 07:58 - 2014-07-27 07:59 - 27377569 _____ () C:\Users\Arthur\Downloads\Syrasu2.rar 2014-07-26 23:39 - 2014-07-26 23:39 - 02239108 _____ () C:\Users\Arthur\Downloads\osuStreamSpeed.jar 2014-07-26 17:31 - 2014-07-26 17:32 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin (2).rar 2014-07-26 17:31 - 2014-07-26 17:32 - 113746536 _____ () C:\Users\Arthur\Downloads\WWWskin (1).rar 2014-07-26 16:28 - 2014-07-26 16:28 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 09791148 _____ () C:\Users\Arthur\Downloads\Skins.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 07241953 _____ () C:\Users\Arthur\Downloads\cptnxn2.rar 2014-07-25 19:57 - 2014-07-25 19:57 - 00024919 _____ () C:\Users\Arthur\Downloads\Scorebar.rar 2014-07-25 01:19 - 2014-07-25 01:31 - 2228035460 _____ () C:\Users\Arthur\Downloads\DLC.rar 2014-07-25 00:36 - 2014-07-25 00:36 - 00002899 _____ () C:\Users\Arthur\Desktop\iw4m - Verknüpfung.lnk 2014-07-25 00:29 - 2014-07-25 00:30 - 1506894037 _____ () C:\Users\Arthur\Downloads\MW2 English Patch.zip 2014-07-25 00:25 - 2014-07-25 00:25 - 00221087 _____ () C:\Users\Arthur\Downloads\Default Style Client UpdaterV3.rar 2014-07-25 00:24 - 2014-07-25 01:43 - 00000000 ____D () C:\Users\Arthur\Documents\RepZIW4M 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\ProgramData\Last.fm 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-07-24 15:32 - 2014-07-24 15:32 - 00000985 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2014-07-24 15:32 - 2014-07-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2014-07-24 15:31 - 2014-08-06 07:57 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Last.fm 2014-07-24 15:31 - 2014-07-24 15:32 - 00000000 ____D () C:\Program Files (x86)\Last.fm 2014-07-24 15:31 - 2014-07-24 15:31 - 14916216 _____ (Last.fm ) C:\Users\Arthur\Downloads\Last.fm-2.1.36.exe 2014-07-24 15:29 - 2014-07-24 15:29 - 00000125 _____ () C:\Users\Arthur\Downloads\playlist.pls 2014-07-24 15:25 - 2014-07-24 15:25 - 00000200 _____ () C:\Users\Arthur\Downloads\listen (1).pls 2014-07-24 15:21 - 2014-07-24 15:21 - 00214688 _____ () C:\Users\Arthur\Downloads\metro_skin_for_aimp3_by_ikorolkov-d4qqujr.rar 2014-07-24 15:05 - 2014-08-06 08:03 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000909 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-07-24 15:03 - 2014-07-24 15:03 - 07771936 _____ (AIMP DevTeam) C:\Users\Arthur\Downloads\aimp_3.55.1355.exe 2014-07-24 03:03 - 2014-07-25 02:28 - 00003030 _____ () C:\Windows\System32\Tasks\RTSS 2014-07-24 02:57 - 2014-07-25 02:28 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-07-24 02:57 - 2014-07-24 02:57 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-07-24 02:56 - 2014-07-25 02:28 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-07-24 02:56 - 2014-07-24 02:56 - 00001090 _____ () C:\Users\Arthur\Desktop\MSI Afterburner.lnk 2014-07-24 02:56 - 2014-07-24 02:56 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-07-24 02:55 - 2014-07-24 02:55 - 29239096 _____ () C:\Users\Arthur\Downloads\MSIAfterburnerSetup301.zip 2014-07-24 02:53 - 2014-07-24 02:53 - 00826192 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\MSI Afterburner - CHIP-Installer.exe 2014-07-23 22:04 - 2014-07-23 22:04 - 00002966 _____ () C:\Users\Arthur\Desktop\BlackOpsMP.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002936 _____ () C:\Users\Arthur\Desktop\BlackOps.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002909 _____ () C:\Users\Arthur\Desktop\repzOps.lnk 2014-07-23 22:03 - 2014-07-23 22:03 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Macromedia 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 __RHD () C:\Users\Arthur\AppData\Roaming\SecuROM 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-07-23 21:08 - 2014-07-23 21:08 - 17089296 _____ (Electronic Arts, Inc.) C:\Users\Arthur\Downloads\OriginThinSetup.exe 2014-07-23 19:10 - 2014-07-23 19:10 - 00001943 _____ () C:\Users\Public\Desktop\Display Pilot.lnk 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Local\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BenQ 2014-07-23 19:09 - 2014-07-23 19:09 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays 2014-07-23 19:09 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\msvcp100.dll 2014-07-23 19:09 - 2011-02-19 00:40 - 00773968 _____ (Microsoft Corporation) C:\Windows\msvcr100.dll 2014-07-23 19:09 - 2009-07-12 00:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\mfcm80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00632656 _____ (Microsoft Corporation) C:\Windows\msvcr80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00554832 _____ (Microsoft Corporation) C:\Windows\msvcp80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00479232 _____ (Microsoft Corporation) C:\Windows\msvcm80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00057856 _____ (Microsoft Corporation) C:\Windows\mfcm80u.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 01105920 _____ (Microsoft Corporation) C:\Windows\mfc80.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 01093120 _____ (Microsoft Corporation) C:\Windows\mfc80u.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 00002372 _____ () C:\Windows\Microsoft.VC80.MFC.manifest 2014-07-23 19:09 - 2009-07-11 18:10 - 00097280 _____ (Microsoft Corporation) C:\Windows\atl80.dll 2014-07-23 19:09 - 2009-07-11 18:10 - 00001870 _____ () C:\Windows\Microsoft.VC80.CRT.manifest 2014-07-23 19:09 - 2009-07-11 18:10 - 00000466 _____ () C:\Windows\Microsoft.VC80.ATL.manifest 2014-07-23 19:09 - 2007-04-04 10:30 - 00007432 _____ () C:\Windows\SysWOW64\Machnm32.sys 2014-07-23 19:09 - 2004-08-04 00:56 - 01392671 _____ (Microsoft Corporation) C:\Windows\msvbvm60.dll 2014-07-23 19:09 - 2002-01-05 04:48 - 00974848 _____ (Microsoft Corporation) C:\Windows\mfc70.dll 2014-07-23 19:09 - 2002-01-05 03:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\msvcp70.dll 2014-07-23 19:09 - 2002-01-05 03:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\msvcr70.dll 2014-07-23 19:09 - 2001-06-01 08:26 - 00372736 _____ (Intel Corporation) C:\Windows\ijl15.dll 2014-07-23 19:08 - 2014-07-23 19:08 - 00000000 ____D () C:\Program Files (x86)\BenQ 2014-07-23 19:07 - 2014-07-23 19:07 - 27745611 _____ () C:\Users\Arthur\Downloads\benq_display_pilot-setup.rar 2014-07-23 19:02 - 2014-07-23 19:02 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-23 19:02 - 2014-07-23 19:02 - 00000000 _____ () C:\Windows\setupact.log 2014-07-23 07:19 - 2014-07-23 22:04 - 00000000 ____D () C:\Users\Arthur\Documents\RepZOps 2014-07-23 03:39 - 2014-07-23 03:39 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\ProgramData\Mozilla 2014-07-23 03:36 - 2014-07-23 03:36 - 30063128 _____ (Mozilla) C:\Users\Arthur\Downloads\Firefox Setup 30.0_de.exe 2014-07-22 22:42 - 2014-07-22 23:10 - 00000000 ____D () C:\Users\Arthur\Desktop\Gimp 2014-07-22 22:39 - 2014-07-22 22:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\webkit 2014-07-22 16:53 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Beta 2ns sugoi ! 1 2014-07-22 16:52 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Schlagsounds AKA Tischtennismatch 2014-07-21 19:49 - 2014-07-21 19:49 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-07-21 19:49 - 2014-07-21 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-07-15 20:56 - 2014-07-15 20:56 - 00019682 _____ () C:\Users\Arthur\Downloads\OsuLastFm.zip 2014-07-15 17:50 - 2014-07-15 17:52 - 137078872 _____ () C:\Users\Arthur\Downloads\(pro) Players Skin Compendium (Part 1).rar 2014-07-15 07:36 - 2014-07-15 07:36 - 06345434 _____ () C:\Users\Arthur\Downloads\cookie-.rar 2014-07-14 03:55 - 2014-07-14 03:55 - 17013628 _____ () C:\Users\Arthur\Downloads\chocolat+vanilla.rar 2014-07-14 01:16 - 2014-07-14 01:16 - 04562655 _____ () C:\Users\Arthur\Downloads\Hitlerrede.webm 2014-07-14 01:12 - 2014-07-14 01:13 - 207874831 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #361.rar 2014-07-13 17:48 - 2014-07-13 17:48 - 07275566 _____ () C:\Users\Arthur\Downloads\Andrea.rar 2014-07-13 17:12 - 2014-07-13 17:13 - 216063371 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #362.rar 2014-07-13 17:12 - 2014-07-13 17:13 - 210028588 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #363.rar 2014-07-13 01:46 - 2014-07-13 01:47 - 01080480 _____ (Unity Technologies ApS) C:\Users\Arthur\Downloads\UnityWebPlayer (1).exe 2014-07-13 00:19 - 2014-07-13 00:19 - 20495624 _____ () C:\Users\Arthur\Downloads\FunOrange 4.15.2014.rar 2014-07-13 00:12 - 2014-07-13 00:12 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4 (1).rar 2014-07-12 22:40 - 2014-07-12 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2 2014-07-12 22:17 - 2014-07-12 22:17 - 00003180 _____ () C:\Windows\System32\Tasks\{87793036-60BC-4D33-BC8C-69C6E3256169} 2014-07-12 21:57 - 2014-07-12 21:57 - 00836112 _____ (SiriusMT2) C:\Users\Arthur\Downloads\sirius.20.13.rev.installer (1).exe 2014-07-11 20:28 - 2014-07-11 20:28 - 00034332 _____ () C:\Users\Arthur\Downloads\High Precision Cursor by FynnFTW - More Colors.rar 2014-07-11 20:27 - 2014-07-11 20:27 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4.rar 2014-07-11 17:33 - 2014-07-11 17:33 - 00000000 ____D () C:\Users\Public\Documents\sun 2014-07-11 17:31 - 2014-07-11 17:31 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-07-11 17:24 - 2014-07-11 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\OpenOffice - CHIP-Installer.exe 2014-07-10 06:53 - 2014-07-10 06:53 - 00001214 _____ () C:\Users\UpdatusUser\Desktop\AK Cabal Launcher.lnk 2014-07-10 06:52 - 2014-07-10 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arena Knights Cabal Episode 10 2014-07-10 06:36 - 2014-07-14 06:38 - 00000000 ____D () C:\Program Files (x86)\Arena Knights Cabal Episode 10 2014-07-10 06:35 - 2014-07-10 06:36 - 1717330663 _____ (Arena Knights ) C:\Users\Arthur\Downloads\AKCabalEp10.exe 2014-07-10 06:32 - 2014-07-10 06:32 - 01915058 _____ () C:\Users\Arthur\Downloads\TGCabalEP8.torrent 2014-07-09 01:22 - 2014-07-09 01:29 - 00000000 ____D () C:\Users\Arthur\AppData\Local\2K Games 2014-07-09 00:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-09 00:35 - 2014-07-09 00:35 - 01346519 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.214.exe 2014-07-09 00:34 - 2014-07-24 03:30 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\Downloads\Cabal-2 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Temp842aac0f581a708d0ea973e67a58ad18_ 2014-07-09 00:30 - 2014-07-09 00:30 - 01063312 _____ () C:\Users\Arthur\Downloads\Cabal-2-lnstall.exe 2014-07-08 20:19 - 2014-07-08 20:19 - 23673366 _____ () C:\Users\Arthur\Downloads\91214 Lucky Star no Minna - Kumikyoku 'Lucky Star Douga'.osz 2014-07-08 03:06 - 2014-07-08 03:07 - 1137512686 _____ () C:\Users\Arthur\Downloads\wom2_installer_20140512.exe 2014-07-08 02:21 - 2014-07-08 02:58 - 00000000 ____D () C:\Users\Arthur\Documents\dragoon 2014-07-07 22:00 - 2014-07-07 22:00 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu (2).osr 2014-07-07 21:59 - 2014-07-07 21:59 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu (1).osr 2014-07-07 21:58 - 2014-07-07 21:59 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu.osr ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-06 10:35 - 2014-08-06 10:34 - 00020328 _____ () C:\Users\Arthur\Downloads\FRST.txt 2014-08-06 10:35 - 2014-08-06 10:34 - 00000000 ____D () C:\FRST 2014-08-06 10:34 - 2014-08-06 10:34 - 02094080 _____ (Farbar) C:\Users\Arthur\Downloads\FRST64.exe 2014-08-06 10:17 - 2014-08-06 10:15 - 00011862 _____ () C:\Users\Arthur\Desktop\hijackthis.log 2014-08-06 10:17 - 2014-01-27 01:39 - 00000000 ____D () C:\Users\Arthur\Downloads\backups 2014-08-06 10:12 - 2014-04-19 22:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-06 09:44 - 2014-04-25 08:52 - 00000000 ____D () C:\Program Files (x86)\osu! 2014-08-06 09:36 - 2013-09-20 12:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-06 09:27 - 2014-08-06 09:27 - 00000195 _____ () C:\Users\Arthur\Desktop\redditpost.txt 2014-08-06 08:43 - 2014-02-19 01:31 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\vlc 2014-08-06 08:03 - 2014-07-24 15:05 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\AIMP3 2014-08-06 07:57 - 2014-07-24 15:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Last.fm 2014-08-06 07:36 - 2013-09-20 12:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-06 06:20 - 2013-09-22 19:08 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\TS3Client 2014-08-06 05:36 - 2013-09-20 10:48 - 01378441 _____ () C:\Windows\WindowsUpdate.log 2014-08-06 02:39 - 2013-09-20 12:05 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-06 01:46 - 2014-02-12 22:47 - 00000000 ____D () C:\ProgramData\Origin 2014-08-06 00:00 - 2013-10-04 17:46 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-08-06 00:00 - 2013-10-04 17:37 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-08-06 00:00 - 2013-10-04 17:37 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-08-05 23:52 - 2014-02-12 22:47 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-05 19:45 - 2013-09-22 16:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-08-05 12:00 - 2014-08-05 03:41 - 00000618 _____ () C:\Users\Arthur\Desktop\[box image dinger].txt 2014-08-05 11:57 - 2014-05-06 21:37 - 00000000 ____D () C:\Users\Arthur\.gimp-2.8 2014-08-05 11:55 - 2014-08-05 11:55 - 00019164 _____ () C:\Users\Arthur\AppData\Local\recently-used.xbel 2014-08-05 11:55 - 2014-05-06 21:57 - 00000000 ____D () C:\Users\Arthur\AppData\Local\gtk-2.0 2014-08-05 08:21 - 2014-04-09 02:56 - 00000000 ____D () C:\Users\Arthur\Desktop\Neuer Ordner 2014-08-05 07:02 - 2013-10-04 17:37 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-05 03:56 - 2014-08-05 03:56 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6 (1).rar 2014-08-05 03:33 - 2014-08-05 03:33 - 12067624 _____ () C:\Users\Arthur\Downloads\bestest+evar.rar 2014-08-04 22:29 - 2014-05-12 21:50 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-08-04 18:31 - 2014-08-04 18:31 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6.rar 2014-08-04 07:48 - 2014-04-29 00:14 - 00000000 ____D () C:\Users\Arthur\Desktop\Osu 2014-08-04 07:39 - 2014-08-04 07:38 - 208775365 _____ () C:\Users\Arthur\Downloads\Approved #5.rar 2014-08-04 07:38 - 2014-08-04 07:36 - 199019790 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #322.rar 2014-08-04 07:38 - 2014-08-04 07:35 - 205572784 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #321.rar 2014-08-03 22:56 - 2014-02-01 22:34 - 00002580 _____ () C:\Windows\Sandboxie.ini 2014-08-02 10:20 - 2014-01-02 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 2014-08-02 08:14 - 2014-01-02 22:45 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2 2014-08-02 08:13 - 2014-04-22 08:43 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Guild Wars 2 2014-08-02 07:47 - 2014-08-02 07:47 - 23301624 _____ (ArenaNet) C:\Users\Arthur\Downloads\Gw2Setup.exe 2014-08-02 03:40 - 2014-08-02 03:40 - 01010652 _____ () C:\Users\Arthur\Downloads\Clonk-Clonk.rar 2014-08-02 03:16 - 2014-08-02 03:16 - 01726708 _____ () C:\Users\Arthur\Downloads\Red+as+fuck.osk 2014-08-02 02:11 - 2014-08-02 02:11 - 00001399 _____ () C:\Users\Arthur\Desktop\osuTrainer - Verknüpfung.lnk 2014-08-02 02:11 - 2014-08-01 23:33 - 00000000 ____D () C:\Program Files (x86)\Osu!trainer 2014-08-02 00:55 - 2014-08-02 00:55 - 31604446 _____ () C:\Users\Arthur\Downloads\Nara+4.7.zip 2014-08-02 00:55 - 2014-08-02 00:55 - 07135462 _____ () C:\Users\Arthur\Downloads\default.zip 2014-08-01 23:34 - 2014-08-01 23:34 - 00000000 ____D () C:\Users\Arthur\AppData\Local\osuTrainer 2014-08-01 23:32 - 2014-08-01 23:32 - 01277651 _____ () C:\Users\Arthur\Downloads\osuTrainer.zip 2014-07-31 23:48 - 2014-07-31 23:48 - 07694565 _____ () C:\Users\Arthur\Downloads\39043 Nicki Minaj - Super Bass.osz 2014-07-31 06:11 - 2014-07-31 06:11 - 04065865 _____ () C:\Users\Arthur\Downloads\28751 07th Expansion - rog-unlimitation.osz 2014-07-28 23:18 - 2014-07-28 23:18 - 00000219 _____ () C:\Users\Arthur\Desktop\Counter-Strike Global Offensive.url 2014-07-27 22:35 - 2013-10-12 03:20 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-27 20:03 - 2014-07-27 20:02 - 00000000 ____D () C:\Users\Arthur\Documents\BFBC2 2014-07-27 20:02 - 2013-10-04 17:46 - 00000000 ____D () C:\Users\Arthur\AppData\Local\PunkBuster 2014-07-27 20:01 - 2014-07-27 20:01 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe 2014-07-27 20:00 - 2014-07-27 20:00 - 00018511 _____ () C:\Windows\DirectX.log 2014-07-27 07:59 - 2014-07-27 07:58 - 27377569 _____ () C:\Users\Arthur\Downloads\Syrasu2.rar 2014-07-26 23:39 - 2014-07-26 23:39 - 02239108 _____ () C:\Users\Arthur\Downloads\osuStreamSpeed.jar 2014-07-26 17:32 - 2014-07-26 17:31 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin (2).rar 2014-07-26 17:32 - 2014-07-26 17:31 - 113746536 _____ () C:\Users\Arthur\Downloads\WWWskin (1).rar 2014-07-26 16:28 - 2014-07-26 16:28 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 09791148 _____ () C:\Users\Arthur\Downloads\Skins.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 07241953 _____ () C:\Users\Arthur\Downloads\cptnxn2.rar 2014-07-25 19:57 - 2014-07-25 19:57 - 00024919 _____ () C:\Users\Arthur\Downloads\Scorebar.rar 2014-07-25 02:28 - 2014-07-24 03:03 - 00003030 _____ () C:\Windows\System32\Tasks\RTSS 2014-07-25 02:28 - 2014-07-24 02:57 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-07-25 02:28 - 2014-07-24 02:56 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-07-25 01:43 - 2014-07-25 00:24 - 00000000 ____D () C:\Users\Arthur\Documents\RepZIW4M 2014-07-25 01:31 - 2014-07-25 01:19 - 2228035460 _____ () C:\Users\Arthur\Downloads\DLC.rar 2014-07-25 00:36 - 2014-07-25 00:36 - 00002899 _____ () C:\Users\Arthur\Desktop\iw4m - Verknüpfung.lnk 2014-07-25 00:30 - 2014-07-25 00:29 - 1506894037 _____ () C:\Users\Arthur\Downloads\MW2 English Patch.zip 2014-07-25 00:25 - 2014-07-25 00:25 - 00221087 _____ () C:\Users\Arthur\Downloads\Default Style Client UpdaterV3.rar 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\ProgramData\Last.fm 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-07-24 15:32 - 2014-07-24 15:32 - 00000985 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2014-07-24 15:32 - 2014-07-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2014-07-24 15:32 - 2014-07-24 15:31 - 00000000 ____D () C:\Program Files (x86)\Last.fm 2014-07-24 15:31 - 2014-07-24 15:31 - 14916216 _____ (Last.fm ) C:\Users\Arthur\Downloads\Last.fm-2.1.36.exe 2014-07-24 15:29 - 2014-07-24 15:29 - 00000125 _____ () C:\Users\Arthur\Downloads\playlist.pls 2014-07-24 15:25 - 2014-07-24 15:25 - 00000200 _____ () C:\Users\Arthur\Downloads\listen (1).pls 2014-07-24 15:21 - 2014-07-24 15:21 - 00214688 _____ () C:\Users\Arthur\Downloads\metro_skin_for_aimp3_by_ikorolkov-d4qqujr.rar 2014-07-24 15:05 - 2014-07-24 15:05 - 00000909 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-07-24 15:03 - 2014-07-24 15:03 - 07771936 _____ (AIMP DevTeam) C:\Users\Arthur\Downloads\aimp_3.55.1355.exe 2014-07-24 03:36 - 2013-09-20 20:28 - 00000000 ____D () C:\Users\Arthur\Documents\My Games 2014-07-24 03:32 - 2014-06-25 23:24 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-07-24 03:30 - 2014-07-09 00:34 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-07-24 02:58 - 2014-03-15 21:37 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-07-24 02:58 - 2014-03-15 21:37 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-07-24 02:57 - 2014-07-24 02:57 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-07-24 02:56 - 2014-07-24 02:56 - 00001090 _____ () C:\Users\Arthur\Desktop\MSI Afterburner.lnk 2014-07-24 02:56 - 2014-07-24 02:56 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-07-24 02:55 - 2014-07-24 02:55 - 29239096 _____ () C:\Users\Arthur\Downloads\MSIAfterburnerSetup301.zip 2014-07-24 02:53 - 2014-07-24 02:53 - 00826192 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\MSI Afterburner - CHIP-Installer.exe 2014-07-23 22:04 - 2014-07-23 22:04 - 00002966 _____ () C:\Users\Arthur\Desktop\BlackOpsMP.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002936 _____ () C:\Users\Arthur\Desktop\BlackOps.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002909 _____ () C:\Users\Arthur\Desktop\repzOps.lnk 2014-07-23 22:04 - 2014-07-23 07:19 - 00000000 ____D () C:\Users\Arthur\Documents\RepZOps 2014-07-23 22:03 - 2014-07-23 22:03 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Macromedia 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 __RHD () C:\Users\Arthur\AppData\Roaming\SecuROM 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-07-23 21:59 - 2013-10-03 15:38 - 00000000 ____D () C:\Users\Arthur\Documents\EA Games 2014-07-23 21:29 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-23 21:13 - 2014-06-13 18:28 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-07-23 21:08 - 2014-07-23 21:08 - 17089296 _____ (Electronic Arts, Inc.) C:\Users\Arthur\Downloads\OriginThinSetup.exe 2014-07-23 19:10 - 2014-07-23 19:10 - 00001943 _____ () C:\Users\Public\Desktop\Display Pilot.lnk 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Local\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BenQ 2014-07-23 19:09 - 2014-07-23 19:09 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays 2014-07-23 19:09 - 2013-09-20 11:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-23 19:08 - 2014-07-23 19:08 - 00000000 ____D () C:\Program Files (x86)\BenQ 2014-07-23 19:07 - 2014-07-23 19:07 - 27745611 _____ () C:\Users\Arthur\Downloads\benq_display_pilot-setup.rar 2014-07-23 19:02 - 2014-07-23 19:02 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-23 19:02 - 2014-07-23 19:02 - 00000000 _____ () C:\Windows\setupact.log 2014-07-23 17:39 - 2014-04-19 23:57 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-23 07:14 - 2014-05-04 18:26 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Activision 2014-07-23 05:40 - 2009-07-14 06:45 - 00014368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-23 05:40 - 2009-07-14 06:45 - 00014368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-23 03:39 - 2014-07-23 03:39 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\ProgramData\Mozilla 2014-07-23 03:39 - 2013-10-12 13:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-23 03:36 - 2014-07-23 03:36 - 30063128 _____ (Mozilla) C:\Users\Arthur\Downloads\Firefox Setup 30.0_de.exe 2014-07-23 03:22 - 2013-10-17 22:04 - 00000000 ____D () C:\Users\Arthur\AppData\Local\LogMeIn Hamachi 2014-07-23 03:21 - 2014-06-26 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-23 03:20 - 2014-06-26 11:35 - 00000997 _____ () C:\Users\Arthur\Desktop\CCleaner.lnk 2014-07-22 23:10 - 2014-07-22 22:42 - 00000000 ____D () C:\Users\Arthur\Desktop\Gimp 2014-07-22 22:39 - 2014-07-22 22:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\webkit 2014-07-22 16:53 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Beta 2ns sugoi ! 1 2014-07-22 16:53 - 2014-07-22 16:52 - 00000000 ____D () C:\Users\Arthur\Desktop\Schlagsounds AKA Tischtennismatch 2014-07-21 19:55 - 2013-09-20 11:26 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-21 19:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-21 19:49 - 2014-07-21 19:49 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-07-21 19:49 - 2014-07-21 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-07-21 19:49 - 2013-10-20 14:23 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-07-17 13:19 - 2014-02-25 01:29 - 00000000 ____D () C:\Program Files (x86)\TERA 2014-07-15 20:56 - 2014-07-15 20:56 - 00019682 _____ () C:\Users\Arthur\Downloads\OsuLastFm.zip 2014-07-15 20:15 - 2013-09-22 19:06 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client 2014-07-15 17:52 - 2014-07-15 17:50 - 137078872 _____ () C:\Users\Arthur\Downloads\(pro) Players Skin Compendium (Part 1).rar 2014-07-15 07:36 - 2014-07-15 07:36 - 06345434 _____ () C:\Users\Arthur\Downloads\cookie-.rar 2014-07-14 06:38 - 2014-07-10 06:36 - 00000000 ____D () C:\Program Files (x86)\Arena Knights Cabal Episode 10 2014-07-14 03:55 - 2014-07-14 03:55 - 17013628 _____ () C:\Users\Arthur\Downloads\chocolat+vanilla.rar 2014-07-14 01:17 - 2014-05-15 19:30 - 00000000 ____D () C:\Users\Arthur\Downloads\Screens 2014-07-14 01:16 - 2014-07-14 01:16 - 04562655 _____ () C:\Users\Arthur\Downloads\Hitlerrede.webm 2014-07-14 01:13 - 2014-07-14 01:12 - 207874831 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #361.rar 2014-07-13 17:48 - 2014-07-13 17:48 - 07275566 _____ () C:\Users\Arthur\Downloads\Andrea.rar 2014-07-13 17:13 - 2014-07-13 17:12 - 216063371 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #362.rar 2014-07-13 17:13 - 2014-07-13 17:12 - 210028588 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #363.rar 2014-07-13 01:47 - 2014-07-13 01:46 - 01080480 _____ (Unity Technologies ApS) C:\Users\Arthur\Downloads\UnityWebPlayer (1).exe 2014-07-13 01:47 - 2014-04-04 22:38 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Unity 2014-07-13 00:19 - 2014-07-13 00:19 - 20495624 _____ () C:\Users\Arthur\Downloads\FunOrange 4.15.2014.rar 2014-07-13 00:12 - 2014-07-13 00:12 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4 (1).rar 2014-07-12 22:40 - 2014-07-12 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2 2014-07-12 22:26 - 2013-11-03 23:24 - 00000000 ____D () C:\Sirius MT2 2014-07-12 22:17 - 2014-07-12 22:17 - 00003180 _____ () C:\Windows\System32\Tasks\{87793036-60BC-4D33-BC8C-69C6E3256169} 2014-07-12 22:13 - 2013-11-03 21:22 - 1572305527 _____ (Sirius MT2 ) C:\Users\Arthur\Documents\sirius.20.13.rev.client.exe 2014-07-12 21:57 - 2014-07-12 21:57 - 00836112 _____ (SiriusMT2) C:\Users\Arthur\Downloads\sirius.20.13.rev.installer (1).exe 2014-07-11 20:46 - 2009-07-14 06:45 - 05004720 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-11 20:28 - 2014-07-11 20:28 - 00034332 _____ () C:\Users\Arthur\Downloads\High Precision Cursor by FynnFTW - More Colors.rar 2014-07-11 20:27 - 2014-07-11 20:27 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4.rar 2014-07-11 17:48 - 2013-09-20 12:02 - 00094248 _____ () C:\Users\Arthur\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-11 17:33 - 2014-07-11 17:33 - 00000000 ____D () C:\Users\Public\Documents\sun 2014-07-11 17:31 - 2014-07-11 17:31 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-07-11 17:31 - 2014-01-03 08:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-07-11 17:24 - 2014-07-11 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\OpenOffice - CHIP-Installer.exe 2014-07-10 06:53 - 2014-07-10 06:53 - 00001214 _____ () C:\Users\UpdatusUser\Desktop\AK Cabal Launcher.lnk 2014-07-10 06:52 - 2014-07-10 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arena Knights Cabal Episode 10 2014-07-10 06:36 - 2014-07-10 06:35 - 1717330663 _____ (Arena Knights ) C:\Users\Arthur\Downloads\AKCabalEp10.exe 2014-07-10 06:32 - 2014-07-10 06:32 - 01915058 _____ () C:\Users\Arthur\Downloads\TGCabalEP8.torrent 2014-07-09 01:29 - 2014-07-09 01:22 - 00000000 ____D () C:\Users\Arthur\AppData\Local\2K Games 2014-07-09 00:39 - 2014-01-27 01:33 - 00000000 ____D () C:\AdwCleaner 2014-07-09 00:38 - 2013-09-20 10:57 - 00000000 ____D () C:\Users\Arthur 2014-07-09 00:35 - 2014-07-09 00:35 - 01346519 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.214.exe 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\Downloads\Cabal-2 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Temp842aac0f581a708d0ea973e67a58ad18_ 2014-07-09 00:30 - 2014-07-09 00:30 - 01063312 _____ () C:\Users\Arthur\Downloads\Cabal-2-lnstall.exe 2014-07-08 20:19 - 2014-07-08 20:19 - 23673366 _____ () C:\Users\Arthur\Downloads\91214 Lucky Star no Minna - Kumikyoku 'Lucky Star Douga'.osz 2014-07-08 20:12 - 2014-04-29 17:12 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-08 20:12 - 2014-04-19 22:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-08 20:12 - 2014-03-20 01:46 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 20:12 - 2014-03-20 01:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 18:47 - 2014-05-27 06:26 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Ubisoft Game Launcher 2014-07-08 03:07 - 2014-07-08 03:06 - 1137512686 _____ () C:\Users\Arthur\Downloads\wom2_installer_20140512.exe 2014-07-08 02:58 - 2014-07-08 02:21 - 00000000 ____D () C:\Users\Arthur\Documents\dragoon 2014-07-08 02:18 - 2013-11-09 18:12 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-07 22:00 - 2014-07-07 22:00 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu (2).osr 2014-07-07 21:59 - 2014-07-07 21:59 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu (1).osr 2014-07-07 21:59 - 2014-07-07 21:58 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu.osr Files to move or delete: ==================== C:\Users\Arthur\VOCALOID2.dll C:\Users\Arthur\VOCALOID2_Realtime.dll C:\Users\Arthur\VocaloidVSTi.dll Some content of TEMP: ==================== C:\Users\Arthur\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Arthur\AppData\Local\Temp\Gw2.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-28 04:26 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- --- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014 Ran by Arthur at 2014-08-06 10:36:08 Running from C:\Users\Arthur\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 100% Orange Juice (HKLM-x32\...\Steam App 282800) (Version: - Orange_Juice) A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version: - RED DUCK Inc.) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Afterfall InSanity Extended Edition (HKLM-x32\...\Steam App 224420) (Version: - Intoxicate Studios) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam) AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge) AlternativA (HKLM-x32\...\Steam App 33990) (Version: - Centauri Production) altPUG (HKLM-x32\...\{4FC41018-ABBF-47A0-B917-2DA88C04DA7D}) (Version: 1.2 - altPUG LLC) AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.) AMD Fuel (Version: 2012.0504.1554.26509 - Ihr Firmenname) Hidden Archeblade (HKLM-x32\...\Steam App 207230) (Version: - CodeBrush Games) Arena Knights Cabal Episode 10 version 1.0 (HKLM-x32\...\{13D2BCED-7F48-468A-9296-3FB1150A7CDD}_is1) (Version: 1.0 - Arena Knights) Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version: - Bohemia Interactive) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology) Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer) Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version: - X-Legend) AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version: - ) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software) Battlefield 2 (HKLM-x32\...\Steam App 24860) (Version: - DICE) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch) Catalyst Control Center (x32 Version: 2012.0504.1554.26509 - Ihr Firmenname) Hidden Catalyst Control Center InstallProxy (x32 Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version: - EA Los Angeles) Corel Painter 12 - IPM (Version: 12.4 - Corel Corporation) Hidden Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Croixleur Sigma (HKLM-x32\...\Steam App 250640) (Version: - souvenir circ.) Dark Souls 2 (HKLM-x32\...\RGFya1NvdWxzMg==_is1) (Version: 1 - ) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc) DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) DayZ Commander (HKLM-x32\...\{99C28455-E285-4639-B4C6-9F747C0C3D4C}) (Version: 0.92.90 - Dotjosh Studios) Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.11.002 - Portrait Displays, Inc.) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) eXceed 3rd - Jade Penetrate Black Package (HKLM-x32\...\Steam App 207400) (Version: - Tennen-sozai) Gameforge Live 2.0.2 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.2 - Gameforge) GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) GundeadliGne (HKLM-x32\...\Steam App 92220) (Version: - Platine Dispositif) Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games) IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) KAMI (HKLM-x32\...\Steam App 272040) (Version: - State of Play Games) Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.222 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.222 - LogMeIn, Inc.) Hidden Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version: - Hanako Games) Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech) Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro) Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (DEU) (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Mitsurugi Kamui Hikae (HKLM-x32\...\Steam App 263620) (Version: - Zenith Blue) Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) NEOTOKYO° (HKLM-x32\...\Steam App 244630) (Version: - STUDIO RADI-8) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming) NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.902 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy) Painter 12 - Content (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Core (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Corex64 (Version: 12.4 - Corel Corporation) Hidden Painter 12 - DE (Version: 12.4 - Corel Corporation) Hidden Painter 12 - EN (Version: 12.4 - Corel Corporation) Hidden Painter 12 - FR (Version: 12.4 - Corel Corporation) Hidden Painter 12 - IT (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Setup Files (Version: 12.4 - Corel Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Pivot Pro Plugin (x32 Version: 9.61.004 - Portrait Displays, Inc.) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 5.7 - Power Software Ltd) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Q.U.B.E: Director's Cut (HKLM-x32\...\Steam App 239430) (Version: - Toxic Games) Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6487 - Realtek Semiconductor Corp.) RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds) Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive) RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder) Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC) Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version: - DPad Studios) SDK (x32 Version: 2.40.007 - Portrait Displays, Inc.) Hidden Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Space Hack (HKLM-x32\...\Steam App 315260) (Version: - Rebelmind) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steins;Gate version 1.0 (HKLM\...\{2A05A52B-BDD8-4FD5-A65A-687CB10D98DF}_is1) (Version: 1.0 - JAST USA) Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh) Takedown: Red Sabre (HKLM-x32\...\Steam App 236510) (Version: - Serellan LLC) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games) Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore) Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto) TrackMania² Canyon (HKLM-x32\...\Steam App 228760) (Version: - Nadeo) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) TrackMania² Valley (HKLM-x32\...\Steam App 243360) (Version: - Nadeo) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision) Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden Vanguard Princess (HKLM-x32\...\Steam App 262150) (Version: - Tomoaki Sugeno) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VVVVVV (HKLM-x32\...\Steam App 70300) (Version: - Terry Cavanagh) Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) Window On Top version 3.8 (HKCU\...\{7F2C28D2-EE31-49A5-94F2-67285DAE372B}_is1) (Version: 3.8 - Skybn Software) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 06-08-2014 03:35:09 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-08-06 10:17 - 00000809 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05D8B960-D139-468A-BE4C-7B7FEB377383} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.) Task: {2D9ECFD7-D91F-4799-B2DC-9C92C450438B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-25] (AVAST Software) Task: {44FEF404-4360-42DC-B6E2-D5F49A8D7701} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.) Task: {76F23228-68F2-45B0-A716-AB3257B3B6B2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {9788D847-1B07-4F98-866C-EC7E8AE3A945} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2014-06-05] () Task: {AE68021E-B918-45BC-89F3-B31020938B78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {D127D84C-9C8C-49B5-B998-227887969A88} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-20 11:26 - 2013-03-15 06:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-07-23 19:10 - 2013-11-12 11:44 - 00098320 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll 2014-05-05 20:12 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2012-05-04 15:41 - 2012-05-04 15:41 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2011-11-13 14:30 - 2011-11-13 14:30 - 00676864 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2011-11-13 14:31 - 2011-11-13 14:31 - 03643392 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2014-07-23 19:09 - 2013-11-12 11:44 - 00274960 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll 2014-07-23 19:10 - 2013-11-12 11:44 - 00163344 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe 2014-07-23 19:10 - 2013-11-12 11:44 - 00197136 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe 2013-10-04 17:37 - 2014-08-05 07:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2012-01-10 14:41 - 2014-04-19 23:50 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe 2014-07-21 13:54 - 2014-07-21 13:54 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14072100\algo.dll 2014-08-05 19:45 - 2014-08-05 19:45 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080500\algo.dll 2014-07-23 19:10 - 2013-11-12 11:44 - 00093712 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll 2014-06-25 02:03 - 2014-06-25 02:03 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-07-23 19:09 - 2013-11-12 11:44 - 00187920 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll 2014-07-24 15:31 - 2013-09-03 14:01 - 00736768 _____ () C:\Program Files (x86)\Last.fm\unicorn.dll 2014-07-24 15:31 - 2013-09-03 14:01 - 00032768 _____ () C:\Program Files (x86)\Last.fm\logger.dll 2014-07-24 15:31 - 2013-09-03 10:54 - 00351232 _____ () C:\Program Files (x86)\Last.fm\lastfm.dll 2014-07-24 15:31 - 2013-09-03 14:01 - 00126976 _____ () C:\Program Files (x86)\Last.fm\listener.dll 2014-07-24 15:32 - 2013-01-18 12:39 - 00302592 _____ () C:\Program Files (x86)\Last.fm\phonon.dll 2014-07-24 15:32 - 2013-01-18 12:49 - 00182784 _____ () C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll 2014-07-24 15:32 - 2012-12-13 01:12 - 00111104 _____ () C:\Program Files (x86)\Last.fm\libvlc.dll 2014-07-24 15:32 - 2012-12-13 01:13 - 02286592 _____ () C:\Program Files (x86)\Last.fm\libvlccore.dll 2014-07-24 15:32 - 2012-12-13 01:13 - 00049664 _____ () C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2013-09-09 10:31 - 2014-07-15 20:16 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll 2013-09-09 10:31 - 2014-07-15 20:16 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll 2013-09-09 10:31 - 2014-07-15 20:16 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2013-09-09 10:31 - 2014-07-15 20:16 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll 2014-05-01 02:31 - 2014-08-04 21:19 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll 2014-03-04 16:08 - 2014-08-04 21:19 - 00441856 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll 2013-12-14 04:31 - 2014-08-04 21:19 - 00332288 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2013-09-20 12:05 - 2014-08-04 21:18 - 00769024 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2014-05-01 02:31 - 2014-08-04 23:18 - 02143936 _____ () C:\Program Files (x86)\Steam\video.dll 2014-05-01 02:31 - 2014-08-04 21:19 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll 2014-05-01 02:31 - 2014-07-31 04:51 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll 2013-09-20 15:12 - 2014-08-04 23:18 - 00677056 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-09-20 15:12 - 2014-08-04 21:18 - 34586816 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-07-24 02:53 - 2014-08-04 21:18 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 00505344 _____ () C:\Program Files (x86)\AIMP3\sqlite3.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 00218112 _____ () C:\Program Files (x86)\AIMP3\libsoxr.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 00220672 _____ () C:\Program Files (x86)\AIMP3\Modules\MACDll.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 00294400 _____ () C:\Program Files (x86)\AIMP3\Modules\libFLAC.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 01733120 _____ () C:\Program Files (x86)\AIMP3\Modules\aimp_libvorbis.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 00072136 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_lastfm.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 00026624 _____ () C:\Program Files (x86)\AIMP3\Plugins\Aorta.svp 2014-07-24 15:05 - 2014-07-24 15:05 - 00237568 _____ () C:\Program Files (x86)\AIMP3\Plugins\OptimFROG.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 00141768 _____ () C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:AD022376 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/06/2014 08:53:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHLWAPI.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ab Ausnahmecode: 0xc000041d Fehleroffset: 0x0000000000013d13 ID des fehlerhaften Prozesses: 0x4940 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/06/2014 08:53:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHLWAPI.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ab Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000013d13 ID des fehlerhaften Prozesses: 0x4940 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/06/2014 08:51:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c4102 ID des fehlerhaften Prozesses: 0xde4 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/06/2014 04:25:26 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/05/2014 04:29:44 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/04/2014 07:49:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AIMP3.exe, Version: 3.5.5.1355, Zeitstempel: 0x53c3f9ff Name des fehlerhaften Moduls: AIMP3.dll, Version: 3.5.5.1355, Zeitstempel: 0x53c3f9fa Ausnahmecode: 0xc0000005 Fehleroffset: 0x003cb701 ID des fehlerhaften Prozesses: 0x38b0 Startzeit der fehlerhaften Anwendung: 0xAIMP3.exe0 Pfad der fehlerhaften Anwendung: AIMP3.exe1 Pfad des fehlerhaften Moduls: AIMP3.exe2 Berichtskennung: AIMP3.exe3 Error: (08/04/2014 04:17:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/03/2014 02:43:53 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/02/2014 04:30:45 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/02/2014 03:42:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AIMP3.exe, Version: 3.5.5.1355, Zeitstempel: 0x53c3f9ff Name des fehlerhaften Moduls: AIMP3.dll, Version: 3.5.5.1355, Zeitstempel: 0x53c3f9fa Ausnahmecode: 0xc0000005 Fehleroffset: 0x003cb767 ID des fehlerhaften Prozesses: 0x2764 Startzeit der fehlerhaften Anwendung: 0xAIMP3.exe0 Pfad der fehlerhaften Anwendung: AIMP3.exe1 Pfad des fehlerhaften Moduls: AIMP3.exe2 Berichtskennung: AIMP3.exe3 System errors: ============= Error: (08/06/2014 04:40:02 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (08/01/2014 04:58:54 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/27/2014 05:03:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (07/23/2014 04:50:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/22/2014 03:55:59 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: ) Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist. Error: (07/21/2014 07:55:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/21/2014 07:50:01 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (07/21/2014 07:46:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/21/2014 01:54:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (07/17/2014 00:46:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Microsoft Office Sessions: ========================= Error: (08/06/2014 08:53:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4SHLWAPI.dll6.1.7601.175144ce7c9abc000041d0000000000013d13494001cfb142e92a3231C:\Windows\explorer.exeC:\Windows\system32\SHLWAPI.dll670778c7-1d36-11e4-990f-8c89a59cdb65 Error: (08/06/2014 08:53:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4SHLWAPI.dll6.1.7601.175144ce7c9abc00000050000000000013d13494001cfb142e92a3231C:\Windows\explorer.exeC:\Windows\system32\SHLWAPI.dll5b2b41c2-1d36-11e4-990f-8c89a59cdb65 Error: (08/06/2014 08:51:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102de401cfa83fe9335ba0C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll203c7caa-1d36-11e4-990f-8c89a59cdb65 Error: (08/06/2014 04:25:26 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/05/2014 04:29:44 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/04/2014 07:49:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: AIMP3.exe3.5.5.135553c3f9ffAIMP3.dll3.5.5.135553c3f9fac0000005003cb70138b001cfafa7bec79585C:\PROGRA~2\AIMP3\AIMP3.exeC:\PROGRA~2\AIMP3\AIMP3.dll295270bd-1b9b-11e4-990f-8c89a59cdb65 Error: (08/04/2014 04:17:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/03/2014 02:43:53 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/02/2014 04:30:45 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/02/2014 03:42:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: AIMP3.exe3.5.5.135553c3f9ffAIMP3.dll3.5.5.135553c3f9fac0000005003cb767276401cfac4421e8d5c9C:\Program Files (x86)\AIMP3\AIMP3.exeC:\Program Files (x86)\AIMP3\AIMP3.dll3699ecec-19e6-11e4-990f-8c89a59cdb65 ==================== Memory info =========================== Percentage of memory in use: 66% Total physical RAM: 6114.15 MB Available physical RAM: 2073.72 MB Total Pagefile: 12226.48 MB Available Pagefile: 8078.96 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:52.48 GB) NTFS Drive g: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5B9EA6E7) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
06.08.2014, 11:01 | #4 |
/// TB-Ausbilder | Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
06.08.2014, 11:51 | #5 |
| Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet.Code:
ATTFilter # AdwCleaner v3.302 - Bericht erstellt am 06/08/2014 um 12:14:06 # Aktualisiert 30/07/2014 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzername : Arthur - ARTHUR-PC # Gestartet von : C:\Users\Arthur\Desktop\adwcleaner_3.302.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect Ordner Gelöscht : C:\Users\Arthur\AppData\Local\Temp\OCS Ordner Gelöscht : C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKLM\Software\supWindowsMangerProtect ***** [ Browser ] ***** -\\ Internet Explorer v0.0.0.0 -\\ Mozilla Firefox v30.0 (de) [ Datei : C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default\prefs.js ] -\\ Google Chrome v36.0.1985.125 [ Datei : C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms} ************************* AdwCleaner[R0].txt - [7860 octets] - [27/01/2014 01:33:19] AdwCleaner[R1].txt - [12163 octets] - [06/02/2014 11:59:56] AdwCleaner[R2].txt - [12224 octets] - [06/02/2014 12:04:29] AdwCleaner[R3].txt - [1143 octets] - [06/02/2014 15:03:07] AdwCleaner[R4].txt - [6559 octets] - [09/07/2014 00:36:45] AdwCleaner[R5].txt - [2048 octets] - [06/08/2014 12:11:51] AdwCleaner[S0].txt - [10235 octets] - [06/02/2014 12:05:48] AdwCleaner[S1].txt - [1154 octets] - [06/02/2014 15:06:24] AdwCleaner[S2].txt - [5968 octets] - [09/07/2014 00:38:43] AdwCleaner[S3].txt - [1992 octets] - [06/08/2014 12:14:06] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2052 octets] ########## Nr. 2 Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 06.08.2014 Suchlauf-Zeit: 12:23:40 Logdatei: MBAM Suchverlauf.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.06.02 Rootkit Datenbank: v2014.08.04.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Arthur Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 368126 Verstrichene Zeit: 14 Min, 12 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 2 PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [500a2e95a2d9b086f85d94cf5da56a96], PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-3.8, In Quarantäne, [1f3b6162621982b4d3feef0336cc2fd1], Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 1 PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh, In Quarantäne, [6af0596af685f343c200229fea1853ad], Dateien: 19 PUP.Optional.Freemium.A, C:\Users\Arthur\Downloads\ds3-tool.exe, In Quarantäne, [0b4f2b9849324beb766258d82ad7d52b], PUP.Optional.OpenCandy, C:\Users\Arthur\Downloads\PowerISO_5.7.exe, In Quarantäne, [8dcd4e755a21bf7769c55d8bb84cea16], PUP.Optional.Softonic.A, C:\Users\Arthur\Downloads\SoftonicDownloader_for_visual-basic-runtime-files.exe, In Quarantäne, [1842c201f58652e4968472b8738e669a], PUP.Optional.Softonic.A, C:\Users\Arthur\Downloads\SoftonicDownloader_fuer_visual-basic-2010-express.exe, In Quarantäne, [1446873c502b2115a5750624629f31cf], PUP.Optional.InstallMonetizer, C:\Users\Arthur\Downloads\autoexec.cfg.exe, In Quarantäne, [e1791aa97b00f1457742b192a85c5fa1], PUP.Optional.iBryte, C:\Users\Arthur\Downloads\DayZ_Commander_Setup.exe, In Quarantäne, [77e318ab65166bcbf59e20027f82b947], PUP.Optional.Installrex, C:\Users\Arthur\Downloads\Steins Gate - Believe Me.exe, In Quarantäne, [7ddd655ebdbe93a388c24c0949b8956b], Hacktool.Agent, C:\Users\Arthur\Downloads\Windows+Loader.rar, In Quarantäne, [51098c3713686fc7d7046fe43ec3946c], PUP.Optional.PricePeep.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage, In Quarantäne, [203a0db60e6d0234bde969ca13f1b24e], PUP.Optional.QuickStart.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage, In Quarantäne, [045691327ffc7cbabcdac86cfd078e72], PUP.Optional.QuickStart.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal, In Quarantäne, [17436f5462197bbb8f07d65eff05bc44], PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\000005.ldb, In Quarantäne, [6af0596af685f343c200229fea1853ad], PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\000008.ldb, In Quarantäne, [6af0596af685f343c200229fea1853ad], PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\000009.log, In Quarantäne, [6af0596af685f343c200229fea1853ad], PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\CURRENT, In Quarantäne, [6af0596af685f343c200229fea1853ad], PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\LOCK, In Quarantäne, [6af0596af685f343c200229fea1853ad], PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\LOG, In Quarantäne, [6af0596af685f343c200229fea1853ad], PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\LOG.old, In Quarantäne, [6af0596af685f343c200229fea1853ad], PUP.Optional.CrossRider.A, C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\MANIFEST-000007, In Quarantäne, [6af0596af685f343c200229fea1853ad], Physische Sektoren: 0 (No malicious items detected) (end) FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014 Ran by Arthur (administrator) on ARTHUR-PC on 06-08-2014 12:48:23 Running from C:\Users\Arthur\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe () C:\Program Files (x86)\puush\puush.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe (Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7512680 2011-10-25] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software) HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] () HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2013-11-12] (Portrait Displays, Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.) HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-23] (Microsoft Corporation) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1743552 2014-08-04] (Valve Corporation) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-04-19] () HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [GoogleChromeAutoLaunch_F60E728FC0755B5DBDB7EA812CDE9796] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\MountPoints2: E - E:\XeonKing.exe HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\MountPoints2: H - H:\setup.exe HKU\S-1-5-21-1559702124-2180151018-3086550288-1465\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) BootExecute: autocheck autochk * sh4native Sh4Removal ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x52BD7912E8B5CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{268E32A1-D16F-410C-A561-2276A5C9AFA5}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 FireFox: ======== FF ProfilePath: C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Arthur\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: MEGA - C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default\Extensions\firefox@mega.co.nz.xpi [2014-07-23] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-22] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Extension: (Turn Off the Lights) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-17] CHR Extension: (WOT) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-05-24] CHR Extension: (James White) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-05-18] CHR Extension: (Adblock Plus) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-17] CHR Extension: (Turn Off the Lights) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\labjanboighjienkhiabgpefblkbmemd [2014-05-17] CHR Extension: (Google Wallet) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20] CHR Extension: (Hover Zoom) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-07-04] CHR Extension: (Auto Refresh Plus) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-06-06] CHR HKCU\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27] CHR HKLM-x32\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27] CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-25] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-10-03] () [File not signed] R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2013-11-12] (Portrait Displays, Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-05] () R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-25] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-25] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-25] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-25] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-25] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-25] () R3 hamachi; C:\Windows\System32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\GPCIDrv64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S3 TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [X] S3 USBMULCD; system32\drivers\CM10664.sys [X] S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-06 12:48 - 2014-08-06 12:48 - 00020267 _____ () C:\Users\Arthur\Desktop\FRST.txt 2014-08-06 12:46 - 2014-08-06 12:46 - 00005089 _____ () C:\Users\Arthur\Desktop\MBAM Suchverlauf.txt 2014-08-06 12:37 - 2014-08-06 12:37 - 09807534 _____ () C:\Users\Arthur\Downloads\Feyris+Nyan+Mix.rar 2014-08-06 12:22 - 2014-08-06 12:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-06 12:22 - 2014-08-06 12:22 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-06 12:22 - 2014-08-06 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-06 12:22 - 2014-08-06 12:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-06 12:22 - 2014-08-06 12:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Arthur\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-06 12:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-06 12:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-06 12:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-06 12:21 - 2014-08-06 12:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Arthur\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-06 12:19 - 2014-08-06 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-08-06 12:16 - 2014-08-06 12:42 - 00008522 _____ () C:\Windows\PFRO.log 2014-08-06 12:11 - 2014-08-06 12:11 - 01361309 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.302.exe 2014-08-06 12:11 - 2014-08-06 12:11 - 01361309 _____ () C:\Users\Arthur\Desktop\adwcleaner_3.302.exe 2014-08-06 12:09 - 2014-08-06 12:40 - 00000091 _____ () C:\Users\Arthur\Desktop\youtube.txt 2014-08-06 10:36 - 2014-08-06 10:37 - 00049870 _____ () C:\Users\Arthur\Downloads\Addition.txt 2014-08-06 10:34 - 2014-08-06 12:48 - 00000000 ____D () C:\FRST 2014-08-06 10:34 - 2014-08-06 10:37 - 00057540 _____ () C:\Users\Arthur\Downloads\FRST.txt 2014-08-06 10:34 - 2014-08-06 10:34 - 02094080 _____ (Farbar) C:\Users\Arthur\Desktop\FRST64.exe 2014-08-06 10:15 - 2014-08-06 10:17 - 00011862 _____ () C:\Users\Arthur\Desktop\hijackthis.log 2014-08-06 09:27 - 2014-08-06 09:27 - 00000195 _____ () C:\Users\Arthur\Desktop\redditpost.txt 2014-08-05 11:55 - 2014-08-05 11:55 - 00019164 _____ () C:\Users\Arthur\AppData\Local\recently-used.xbel 2014-08-05 03:56 - 2014-08-05 03:56 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6 (1).rar 2014-08-05 03:41 - 2014-08-05 12:00 - 00000618 _____ () C:\Users\Arthur\Desktop\[box image dinger].txt 2014-08-05 03:33 - 2014-08-05 03:33 - 12067624 _____ () C:\Users\Arthur\Downloads\bestest+evar.rar 2014-08-04 18:31 - 2014-08-04 18:31 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6.rar 2014-08-04 07:38 - 2014-08-04 07:39 - 208775365 _____ () C:\Users\Arthur\Downloads\Approved #5.rar 2014-08-04 07:36 - 2014-08-04 07:38 - 199019790 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #322.rar 2014-08-04 07:35 - 2014-08-04 07:38 - 205572784 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #321.rar 2014-08-02 07:47 - 2014-08-02 07:47 - 23301624 _____ (ArenaNet) C:\Users\Arthur\Downloads\Gw2Setup.exe 2014-08-02 03:40 - 2014-08-02 03:40 - 01010652 _____ () C:\Users\Arthur\Downloads\Clonk-Clonk.rar 2014-08-02 03:16 - 2014-08-02 03:16 - 01726708 _____ () C:\Users\Arthur\Downloads\Red+as+fuck.osk 2014-08-02 02:11 - 2014-08-02 02:11 - 00001399 _____ () C:\Users\Arthur\Desktop\osuTrainer - Verknüpfung.lnk 2014-08-02 00:55 - 2014-08-02 00:55 - 31604446 _____ () C:\Users\Arthur\Downloads\Nara+4.7.zip 2014-08-02 00:55 - 2014-08-02 00:55 - 07135462 _____ () C:\Users\Arthur\Downloads\default.zip 2014-08-01 23:34 - 2014-08-01 23:34 - 00000000 ____D () C:\Users\Arthur\AppData\Local\osuTrainer 2014-08-01 23:33 - 2014-08-02 02:11 - 00000000 ____D () C:\Program Files (x86)\Osu!trainer 2014-08-01 23:32 - 2014-08-01 23:32 - 01277651 _____ () C:\Users\Arthur\Downloads\osuTrainer.zip 2014-07-31 23:48 - 2014-07-31 23:48 - 07694565 _____ () C:\Users\Arthur\Downloads\39043 Nicki Minaj - Super Bass.osz 2014-07-31 06:11 - 2014-07-31 06:11 - 04065865 _____ () C:\Users\Arthur\Downloads\28751 07th Expansion - rog-unlimitation.osz 2014-07-28 23:18 - 2014-07-28 23:18 - 00000219 _____ () C:\Users\Arthur\Desktop\Counter-Strike Global Offensive.url 2014-07-27 20:02 - 2014-07-27 20:03 - 00000000 ____D () C:\Users\Arthur\Documents\BFBC2 2014-07-27 20:01 - 2014-07-27 20:01 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe 2014-07-27 20:00 - 2014-07-27 20:00 - 00018511 _____ () C:\Windows\DirectX.log 2014-07-27 07:58 - 2014-07-27 07:59 - 27377569 _____ () C:\Users\Arthur\Downloads\Syrasu2.rar 2014-07-26 23:39 - 2014-07-26 23:39 - 02239108 _____ () C:\Users\Arthur\Downloads\osuStreamSpeed.jar 2014-07-26 17:31 - 2014-07-26 17:32 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin (2).rar 2014-07-26 17:31 - 2014-07-26 17:32 - 113746536 _____ () C:\Users\Arthur\Downloads\WWWskin (1).rar 2014-07-26 16:28 - 2014-07-26 16:28 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 09791148 _____ () C:\Users\Arthur\Downloads\Skins.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 07241953 _____ () C:\Users\Arthur\Downloads\cptnxn2.rar 2014-07-25 19:57 - 2014-07-25 19:57 - 00024919 _____ () C:\Users\Arthur\Downloads\Scorebar.rar 2014-07-25 01:19 - 2014-07-25 01:31 - 2228035460 _____ () C:\Users\Arthur\Downloads\DLC.rar 2014-07-25 00:36 - 2014-07-25 00:36 - 00002899 _____ () C:\Users\Arthur\Desktop\iw4m - Verknüpfung.lnk 2014-07-25 00:29 - 2014-07-25 00:30 - 1506894037 _____ () C:\Users\Arthur\Downloads\MW2 English Patch.zip 2014-07-25 00:25 - 2014-07-25 00:25 - 00221087 _____ () C:\Users\Arthur\Downloads\Default Style Client UpdaterV3.rar 2014-07-25 00:24 - 2014-07-25 01:43 - 00000000 ____D () C:\Users\Arthur\Documents\RepZIW4M 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\ProgramData\Last.fm 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-07-24 15:32 - 2014-07-24 15:32 - 00000985 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2014-07-24 15:32 - 2014-07-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2014-07-24 15:31 - 2014-08-06 07:57 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Last.fm 2014-07-24 15:31 - 2014-07-24 15:32 - 00000000 ____D () C:\Program Files (x86)\Last.fm 2014-07-24 15:31 - 2014-07-24 15:31 - 14916216 _____ (Last.fm ) C:\Users\Arthur\Downloads\Last.fm-2.1.36.exe 2014-07-24 15:29 - 2014-07-24 15:29 - 00000125 _____ () C:\Users\Arthur\Downloads\playlist.pls 2014-07-24 15:25 - 2014-07-24 15:25 - 00000200 _____ () C:\Users\Arthur\Downloads\listen (1).pls 2014-07-24 15:21 - 2014-07-24 15:21 - 00214688 _____ () C:\Users\Arthur\Downloads\metro_skin_for_aimp3_by_ikorolkov-d4qqujr.rar 2014-07-24 15:05 - 2014-08-06 08:03 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000909 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-07-24 15:03 - 2014-07-24 15:03 - 07771936 _____ (AIMP DevTeam) C:\Users\Arthur\Downloads\aimp_3.55.1355.exe 2014-07-24 03:03 - 2014-07-25 02:28 - 00003030 _____ () C:\Windows\System32\Tasks\RTSS 2014-07-24 02:57 - 2014-08-06 12:17 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-07-24 02:57 - 2014-07-24 02:57 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-07-24 02:56 - 2014-07-25 02:28 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-07-24 02:56 - 2014-07-24 02:56 - 00001090 _____ () C:\Users\Arthur\Desktop\MSI Afterburner.lnk 2014-07-24 02:56 - 2014-07-24 02:56 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-07-24 02:55 - 2014-07-24 02:55 - 29239096 _____ () C:\Users\Arthur\Downloads\MSIAfterburnerSetup301.zip 2014-07-24 02:53 - 2014-07-24 02:53 - 00826192 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\MSI Afterburner - CHIP-Installer.exe 2014-07-23 22:04 - 2014-07-23 22:04 - 00002966 _____ () C:\Users\Arthur\Desktop\BlackOpsMP.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002936 _____ () C:\Users\Arthur\Desktop\BlackOps.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002909 _____ () C:\Users\Arthur\Desktop\repzOps.lnk 2014-07-23 22:03 - 2014-07-23 22:03 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Macromedia 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 __RHD () C:\Users\Arthur\AppData\Roaming\SecuROM 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-07-23 21:08 - 2014-07-23 21:08 - 17089296 _____ (Electronic Arts, Inc.) C:\Users\Arthur\Downloads\OriginThinSetup.exe 2014-07-23 19:10 - 2014-07-23 19:10 - 00001943 _____ () C:\Users\Public\Desktop\Display Pilot.lnk 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Local\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BenQ 2014-07-23 19:09 - 2014-07-23 19:09 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays 2014-07-23 19:09 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\msvcp100.dll 2014-07-23 19:09 - 2011-02-19 00:40 - 00773968 _____ (Microsoft Corporation) C:\Windows\msvcr100.dll 2014-07-23 19:09 - 2009-07-12 00:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\mfcm80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00632656 _____ (Microsoft Corporation) C:\Windows\msvcr80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00554832 _____ (Microsoft Corporation) C:\Windows\msvcp80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00479232 _____ (Microsoft Corporation) C:\Windows\msvcm80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00057856 _____ (Microsoft Corporation) C:\Windows\mfcm80u.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 01105920 _____ (Microsoft Corporation) C:\Windows\mfc80.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 01093120 _____ (Microsoft Corporation) C:\Windows\mfc80u.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 00002372 _____ () C:\Windows\Microsoft.VC80.MFC.manifest 2014-07-23 19:09 - 2009-07-11 18:10 - 00097280 _____ (Microsoft Corporation) C:\Windows\atl80.dll 2014-07-23 19:09 - 2009-07-11 18:10 - 00001870 _____ () C:\Windows\Microsoft.VC80.CRT.manifest 2014-07-23 19:09 - 2009-07-11 18:10 - 00000466 _____ () C:\Windows\Microsoft.VC80.ATL.manifest 2014-07-23 19:09 - 2007-04-04 10:30 - 00007432 _____ () C:\Windows\SysWOW64\Machnm32.sys 2014-07-23 19:09 - 2004-08-04 00:56 - 01392671 _____ (Microsoft Corporation) C:\Windows\msvbvm60.dll 2014-07-23 19:09 - 2002-01-05 04:48 - 00974848 _____ (Microsoft Corporation) C:\Windows\mfc70.dll 2014-07-23 19:09 - 2002-01-05 03:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\msvcp70.dll 2014-07-23 19:09 - 2002-01-05 03:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\msvcr70.dll 2014-07-23 19:09 - 2001-06-01 08:26 - 00372736 _____ (Intel Corporation) C:\Windows\ijl15.dll 2014-07-23 19:08 - 2014-07-23 19:08 - 00000000 ____D () C:\Program Files (x86)\BenQ 2014-07-23 19:07 - 2014-07-23 19:07 - 27745611 _____ () C:\Users\Arthur\Downloads\benq_display_pilot-setup.rar 2014-07-23 19:02 - 2014-08-06 12:42 - 00000112 _____ () C:\Windows\setupact.log 2014-07-23 19:02 - 2014-07-23 19:02 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-23 07:19 - 2014-07-23 22:04 - 00000000 ____D () C:\Users\Arthur\Documents\RepZOps 2014-07-23 03:39 - 2014-07-23 03:39 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\ProgramData\Mozilla 2014-07-23 03:36 - 2014-07-23 03:36 - 30063128 _____ (Mozilla) C:\Users\Arthur\Downloads\Firefox Setup 30.0_de.exe 2014-07-22 22:42 - 2014-07-22 23:10 - 00000000 ____D () C:\Users\Arthur\Desktop\Gimp 2014-07-22 22:39 - 2014-07-22 22:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\webkit 2014-07-22 16:53 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Beta 2ns sugoi ! 1 2014-07-22 16:52 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Schlagsounds AKA Tischtennismatch 2014-07-21 19:49 - 2014-08-06 12:19 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-07-15 20:56 - 2014-07-15 20:56 - 00019682 _____ () C:\Users\Arthur\Downloads\OsuLastFm.zip 2014-07-15 17:50 - 2014-07-15 17:52 - 137078872 _____ () C:\Users\Arthur\Downloads\(pro) Players Skin Compendium (Part 1).rar 2014-07-15 07:36 - 2014-07-15 07:36 - 06345434 _____ () C:\Users\Arthur\Downloads\cookie-.rar 2014-07-14 03:55 - 2014-07-14 03:55 - 17013628 _____ () C:\Users\Arthur\Downloads\chocolat+vanilla.rar 2014-07-14 01:16 - 2014-07-14 01:16 - 04562655 _____ () C:\Users\Arthur\Downloads\Hitlerrede.webm 2014-07-14 01:12 - 2014-07-14 01:13 - 207874831 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #361.rar 2014-07-13 17:48 - 2014-07-13 17:48 - 07275566 _____ () C:\Users\Arthur\Downloads\Andrea.rar 2014-07-13 17:12 - 2014-07-13 17:13 - 216063371 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #362.rar 2014-07-13 17:12 - 2014-07-13 17:13 - 210028588 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #363.rar 2014-07-13 01:46 - 2014-07-13 01:47 - 01080480 _____ (Unity Technologies ApS) C:\Users\Arthur\Downloads\UnityWebPlayer (1).exe 2014-07-13 00:19 - 2014-07-13 00:19 - 20495624 _____ () C:\Users\Arthur\Downloads\FunOrange 4.15.2014.rar 2014-07-13 00:12 - 2014-07-13 00:12 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4 (1).rar 2014-07-12 22:40 - 2014-07-12 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2 2014-07-12 22:17 - 2014-07-12 22:17 - 00003180 _____ () C:\Windows\System32\Tasks\{87793036-60BC-4D33-BC8C-69C6E3256169} 2014-07-12 21:57 - 2014-07-12 21:57 - 00836112 _____ (SiriusMT2) C:\Users\Arthur\Downloads\sirius.20.13.rev.installer (1).exe 2014-07-11 20:28 - 2014-07-11 20:28 - 00034332 _____ () C:\Users\Arthur\Downloads\High Precision Cursor by FynnFTW - More Colors.rar 2014-07-11 20:27 - 2014-07-11 20:27 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4.rar 2014-07-11 17:33 - 2014-07-11 17:33 - 00000000 ____D () C:\Users\Public\Documents\sun 2014-07-11 17:31 - 2014-07-11 17:31 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-07-11 17:24 - 2014-07-11 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\OpenOffice - CHIP-Installer.exe 2014-07-10 06:53 - 2014-07-10 06:53 - 00001214 _____ () C:\Users\UpdatusUser\Desktop\AK Cabal Launcher.lnk 2014-07-10 06:52 - 2014-07-10 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arena Knights Cabal Episode 10 2014-07-10 06:36 - 2014-07-14 06:38 - 00000000 ____D () C:\Program Files (x86)\Arena Knights Cabal Episode 10 2014-07-10 06:35 - 2014-07-10 06:36 - 1717330663 _____ (Arena Knights ) C:\Users\Arthur\Downloads\AKCabalEp10.exe 2014-07-10 06:32 - 2014-07-10 06:32 - 01915058 _____ () C:\Users\Arthur\Downloads\TGCabalEP8.torrent 2014-07-09 01:22 - 2014-07-09 01:29 - 00000000 ____D () C:\Users\Arthur\AppData\Local\2K Games 2014-07-09 00:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-09 00:35 - 2014-07-09 00:35 - 01346519 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.214.exe 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\Downloads\Cabal-2 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Temp842aac0f581a708d0ea973e67a58ad18_ 2014-07-09 00:30 - 2014-07-09 00:30 - 01063312 _____ () C:\Users\Arthur\Downloads\Cabal-2-lnstall.exe 2014-07-08 20:19 - 2014-07-08 20:19 - 23673366 _____ () C:\Users\Arthur\Downloads\91214 Lucky Star no Minna - Kumikyoku 'Lucky Star Douga'.osz 2014-07-08 03:06 - 2014-07-08 03:07 - 1137512686 _____ () C:\Users\Arthur\Downloads\wom2_installer_20140512.exe 2014-07-08 02:21 - 2014-07-08 02:58 - 00000000 ____D () C:\Users\Arthur\Documents\dragoon 2014-07-07 22:00 - 2014-07-07 22:00 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu (2).osr 2014-07-07 21:59 - 2014-07-07 21:59 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu (1).osr 2014-07-07 21:58 - 2014-07-07 21:59 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu.osr ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-06 12:48 - 2014-08-06 12:48 - 00020267 _____ () C:\Users\Arthur\Desktop\FRST.txt 2014-08-06 12:48 - 2014-08-06 10:34 - 00000000 ____D () C:\FRST 2014-08-06 12:46 - 2014-08-06 12:46 - 00005089 _____ () C:\Users\Arthur\Desktop\MBAM Suchverlauf.txt 2014-08-06 12:46 - 2014-08-06 12:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-06 12:46 - 2013-09-20 10:48 - 01385031 _____ () C:\Windows\WindowsUpdate.log 2014-08-06 12:45 - 2013-09-22 19:08 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\TS3Client 2014-08-06 12:43 - 2013-10-17 22:04 - 00000000 ____D () C:\Users\Arthur\AppData\Local\LogMeIn Hamachi 2014-08-06 12:43 - 2013-09-20 12:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-06 12:43 - 2013-09-20 12:05 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-06 12:42 - 2014-08-06 12:16 - 00008522 _____ () C:\Windows\PFRO.log 2014-08-06 12:42 - 2014-07-23 19:02 - 00000112 _____ () C:\Windows\setupact.log 2014-08-06 12:42 - 2013-09-20 11:26 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-06 12:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-06 12:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas 2014-08-06 12:40 - 2014-08-06 12:09 - 00000091 _____ () C:\Users\Arthur\Desktop\youtube.txt 2014-08-06 12:37 - 2014-08-06 12:37 - 09807534 _____ () C:\Users\Arthur\Downloads\Feyris+Nyan+Mix.rar 2014-08-06 12:36 - 2013-09-20 12:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-06 12:26 - 2014-02-01 22:34 - 00002580 _____ () C:\Windows\Sandboxie.ini 2014-08-06 12:24 - 2009-07-14 06:45 - 00014368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-06 12:24 - 2009-07-14 06:45 - 00014368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-06 12:22 - 2014-08-06 12:22 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-06 12:22 - 2014-08-06 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-06 12:22 - 2014-08-06 12:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-06 12:22 - 2013-11-17 18:49 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-06 12:21 - 2014-08-06 12:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Arthur\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-06 12:21 - 2014-08-06 12:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Arthur\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-06 12:19 - 2014-08-06 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-08-06 12:19 - 2014-07-21 19:49 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-08-06 12:19 - 2013-10-20 14:23 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-08-06 12:19 - 2013-09-22 19:06 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client 2014-08-06 12:17 - 2014-07-24 02:57 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-08-06 12:14 - 2014-01-27 01:33 - 00000000 ____D () C:\AdwCleaner 2014-08-06 12:12 - 2014-04-19 22:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-06 12:11 - 2014-08-06 12:11 - 01361309 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.302.exe 2014-08-06 12:11 - 2014-08-06 12:11 - 01361309 _____ () C:\Users\Arthur\Desktop\adwcleaner_3.302.exe 2014-08-06 10:37 - 2014-08-06 10:36 - 00049870 _____ () C:\Users\Arthur\Downloads\Addition.txt 2014-08-06 10:37 - 2014-08-06 10:34 - 00057540 _____ () C:\Users\Arthur\Downloads\FRST.txt 2014-08-06 10:34 - 2014-08-06 10:34 - 02094080 _____ (Farbar) C:\Users\Arthur\Desktop\FRST64.exe 2014-08-06 10:17 - 2014-08-06 10:15 - 00011862 _____ () C:\Users\Arthur\Desktop\hijackthis.log 2014-08-06 10:17 - 2014-01-27 01:39 - 00000000 ____D () C:\Users\Arthur\Downloads\backups 2014-08-06 09:44 - 2014-04-25 08:52 - 00000000 ____D () C:\Program Files (x86)\osu! 2014-08-06 09:27 - 2014-08-06 09:27 - 00000195 _____ () C:\Users\Arthur\Desktop\redditpost.txt 2014-08-06 08:43 - 2014-02-19 01:31 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\vlc 2014-08-06 08:03 - 2014-07-24 15:05 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\AIMP3 2014-08-06 07:57 - 2014-07-24 15:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Last.fm 2014-08-06 01:46 - 2014-02-12 22:47 - 00000000 ____D () C:\ProgramData\Origin 2014-08-06 00:00 - 2013-10-04 17:46 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-08-06 00:00 - 2013-10-04 17:37 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-08-06 00:00 - 2013-10-04 17:37 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-08-05 23:52 - 2014-02-12 22:47 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-05 19:45 - 2013-09-22 16:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-08-05 12:00 - 2014-08-05 03:41 - 00000618 _____ () C:\Users\Arthur\Desktop\[box image dinger].txt 2014-08-05 11:57 - 2014-05-06 21:37 - 00000000 ____D () C:\Users\Arthur\.gimp-2.8 2014-08-05 11:55 - 2014-08-05 11:55 - 00019164 _____ () C:\Users\Arthur\AppData\Local\recently-used.xbel 2014-08-05 11:55 - 2014-05-06 21:57 - 00000000 ____D () C:\Users\Arthur\AppData\Local\gtk-2.0 2014-08-05 08:21 - 2014-04-09 02:56 - 00000000 ____D () C:\Users\Arthur\Desktop\Neuer Ordner 2014-08-05 07:02 - 2013-10-04 17:37 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-05 03:56 - 2014-08-05 03:56 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6 (1).rar 2014-08-05 03:33 - 2014-08-05 03:33 - 12067624 _____ () C:\Users\Arthur\Downloads\bestest+evar.rar 2014-08-04 22:29 - 2014-05-12 21:50 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-08-04 18:31 - 2014-08-04 18:31 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6.rar 2014-08-04 07:48 - 2014-04-29 00:14 - 00000000 ____D () C:\Users\Arthur\Desktop\Osu 2014-08-04 07:39 - 2014-08-04 07:38 - 208775365 _____ () C:\Users\Arthur\Downloads\Approved #5.rar 2014-08-04 07:38 - 2014-08-04 07:36 - 199019790 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #322.rar 2014-08-04 07:38 - 2014-08-04 07:35 - 205572784 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #321.rar 2014-08-02 10:20 - 2014-01-02 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 2014-08-02 08:14 - 2014-01-02 22:45 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2 2014-08-02 08:13 - 2014-04-22 08:43 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Guild Wars 2 2014-08-02 07:47 - 2014-08-02 07:47 - 23301624 _____ (ArenaNet) C:\Users\Arthur\Downloads\Gw2Setup.exe 2014-08-02 03:40 - 2014-08-02 03:40 - 01010652 _____ () C:\Users\Arthur\Downloads\Clonk-Clonk.rar 2014-08-02 03:16 - 2014-08-02 03:16 - 01726708 _____ () C:\Users\Arthur\Downloads\Red+as+fuck.osk 2014-08-02 02:11 - 2014-08-02 02:11 - 00001399 _____ () C:\Users\Arthur\Desktop\osuTrainer - Verknüpfung.lnk 2014-08-02 02:11 - 2014-08-01 23:33 - 00000000 ____D () C:\Program Files (x86)\Osu!trainer 2014-08-02 00:55 - 2014-08-02 00:55 - 31604446 _____ () C:\Users\Arthur\Downloads\Nara+4.7.zip 2014-08-02 00:55 - 2014-08-02 00:55 - 07135462 _____ () C:\Users\Arthur\Downloads\default.zip 2014-08-01 23:34 - 2014-08-01 23:34 - 00000000 ____D () C:\Users\Arthur\AppData\Local\osuTrainer 2014-08-01 23:32 - 2014-08-01 23:32 - 01277651 _____ () C:\Users\Arthur\Downloads\osuTrainer.zip 2014-07-31 23:48 - 2014-07-31 23:48 - 07694565 _____ () C:\Users\Arthur\Downloads\39043 Nicki Minaj - Super Bass.osz 2014-07-31 06:11 - 2014-07-31 06:11 - 04065865 _____ () C:\Users\Arthur\Downloads\28751 07th Expansion - rog-unlimitation.osz 2014-07-28 23:18 - 2014-07-28 23:18 - 00000219 _____ () C:\Users\Arthur\Desktop\Counter-Strike Global Offensive.url 2014-07-27 22:35 - 2013-10-12 03:20 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-27 20:03 - 2014-07-27 20:02 - 00000000 ____D () C:\Users\Arthur\Documents\BFBC2 2014-07-27 20:02 - 2013-10-04 17:46 - 00000000 ____D () C:\Users\Arthur\AppData\Local\PunkBuster 2014-07-27 20:01 - 2014-07-27 20:01 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe 2014-07-27 20:00 - 2014-07-27 20:00 - 00018511 _____ () C:\Windows\DirectX.log 2014-07-27 07:59 - 2014-07-27 07:58 - 27377569 _____ () C:\Users\Arthur\Downloads\Syrasu2.rar 2014-07-26 23:39 - 2014-07-26 23:39 - 02239108 _____ () C:\Users\Arthur\Downloads\osuStreamSpeed.jar 2014-07-26 17:32 - 2014-07-26 17:31 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin (2).rar 2014-07-26 17:32 - 2014-07-26 17:31 - 113746536 _____ () C:\Users\Arthur\Downloads\WWWskin (1).rar 2014-07-26 16:28 - 2014-07-26 16:28 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 09791148 _____ () C:\Users\Arthur\Downloads\Skins.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 07241953 _____ () C:\Users\Arthur\Downloads\cptnxn2.rar 2014-07-25 19:57 - 2014-07-25 19:57 - 00024919 _____ () C:\Users\Arthur\Downloads\Scorebar.rar 2014-07-25 02:28 - 2014-07-24 03:03 - 00003030 _____ () C:\Windows\System32\Tasks\RTSS 2014-07-25 02:28 - 2014-07-24 02:56 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-07-25 01:43 - 2014-07-25 00:24 - 00000000 ____D () C:\Users\Arthur\Documents\RepZIW4M 2014-07-25 01:31 - 2014-07-25 01:19 - 2228035460 _____ () C:\Users\Arthur\Downloads\DLC.rar 2014-07-25 00:36 - 2014-07-25 00:36 - 00002899 _____ () C:\Users\Arthur\Desktop\iw4m - Verknüpfung.lnk 2014-07-25 00:30 - 2014-07-25 00:29 - 1506894037 _____ () C:\Users\Arthur\Downloads\MW2 English Patch.zip 2014-07-25 00:25 - 2014-07-25 00:25 - 00221087 _____ () C:\Users\Arthur\Downloads\Default Style Client UpdaterV3.rar 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\ProgramData\Last.fm 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-07-24 15:32 - 2014-07-24 15:32 - 00000985 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2014-07-24 15:32 - 2014-07-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2014-07-24 15:32 - 2014-07-24 15:31 - 00000000 ____D () C:\Program Files (x86)\Last.fm 2014-07-24 15:31 - 2014-07-24 15:31 - 14916216 _____ (Last.fm ) C:\Users\Arthur\Downloads\Last.fm-2.1.36.exe 2014-07-24 15:29 - 2014-07-24 15:29 - 00000125 _____ () C:\Users\Arthur\Downloads\playlist.pls 2014-07-24 15:25 - 2014-07-24 15:25 - 00000200 _____ () C:\Users\Arthur\Downloads\listen (1).pls 2014-07-24 15:21 - 2014-07-24 15:21 - 00214688 _____ () C:\Users\Arthur\Downloads\metro_skin_for_aimp3_by_ikorolkov-d4qqujr.rar 2014-07-24 15:05 - 2014-07-24 15:05 - 00000909 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-07-24 15:03 - 2014-07-24 15:03 - 07771936 _____ (AIMP DevTeam) C:\Users\Arthur\Downloads\aimp_3.55.1355.exe 2014-07-24 03:36 - 2013-09-20 20:28 - 00000000 ____D () C:\Users\Arthur\Documents\My Games 2014-07-24 03:32 - 2014-06-25 23:24 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-07-24 02:58 - 2014-03-15 21:37 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-07-24 02:58 - 2014-03-15 21:37 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-07-24 02:57 - 2014-07-24 02:57 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-07-24 02:56 - 2014-07-24 02:56 - 00001090 _____ () C:\Users\Arthur\Desktop\MSI Afterburner.lnk 2014-07-24 02:56 - 2014-07-24 02:56 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-07-24 02:55 - 2014-07-24 02:55 - 29239096 _____ () C:\Users\Arthur\Downloads\MSIAfterburnerSetup301.zip 2014-07-24 02:53 - 2014-07-24 02:53 - 00826192 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\MSI Afterburner - CHIP-Installer.exe 2014-07-23 22:04 - 2014-07-23 22:04 - 00002966 _____ () C:\Users\Arthur\Desktop\BlackOpsMP.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002936 _____ () C:\Users\Arthur\Desktop\BlackOps.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002909 _____ () C:\Users\Arthur\Desktop\repzOps.lnk 2014-07-23 22:04 - 2014-07-23 07:19 - 00000000 ____D () C:\Users\Arthur\Documents\RepZOps 2014-07-23 22:03 - 2014-07-23 22:03 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Macromedia 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 __RHD () C:\Users\Arthur\AppData\Roaming\SecuROM 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-07-23 21:59 - 2013-10-03 15:38 - 00000000 ____D () C:\Users\Arthur\Documents\EA Games 2014-07-23 21:29 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-23 21:13 - 2014-06-13 18:28 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-07-23 21:08 - 2014-07-23 21:08 - 17089296 _____ (Electronic Arts, Inc.) C:\Users\Arthur\Downloads\OriginThinSetup.exe 2014-07-23 19:10 - 2014-07-23 19:10 - 00001943 _____ () C:\Users\Public\Desktop\Display Pilot.lnk 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Local\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BenQ 2014-07-23 19:09 - 2014-07-23 19:09 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays 2014-07-23 19:09 - 2013-09-20 11:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-23 19:08 - 2014-07-23 19:08 - 00000000 ____D () C:\Program Files (x86)\BenQ 2014-07-23 19:07 - 2014-07-23 19:07 - 27745611 _____ () C:\Users\Arthur\Downloads\benq_display_pilot-setup.rar 2014-07-23 19:02 - 2014-07-23 19:02 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-23 17:39 - 2014-04-19 23:57 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-23 07:14 - 2014-05-04 18:26 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Activision 2014-07-23 03:39 - 2014-07-23 03:39 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\ProgramData\Mozilla 2014-07-23 03:39 - 2013-10-12 13:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-23 03:36 - 2014-07-23 03:36 - 30063128 _____ (Mozilla) C:\Users\Arthur\Downloads\Firefox Setup 30.0_de.exe 2014-07-23 03:21 - 2014-06-26 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-23 03:20 - 2014-06-26 11:35 - 00000997 _____ () C:\Users\Arthur\Desktop\CCleaner.lnk 2014-07-22 23:10 - 2014-07-22 22:42 - 00000000 ____D () C:\Users\Arthur\Desktop\Gimp 2014-07-22 22:39 - 2014-07-22 22:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\webkit 2014-07-22 16:53 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Beta 2ns sugoi ! 1 2014-07-22 16:53 - 2014-07-22 16:52 - 00000000 ____D () C:\Users\Arthur\Desktop\Schlagsounds AKA Tischtennismatch 2014-07-17 13:19 - 2014-02-25 01:29 - 00000000 ____D () C:\Program Files (x86)\TERA 2014-07-15 20:56 - 2014-07-15 20:56 - 00019682 _____ () C:\Users\Arthur\Downloads\OsuLastFm.zip 2014-07-15 17:52 - 2014-07-15 17:50 - 137078872 _____ () C:\Users\Arthur\Downloads\(pro) Players Skin Compendium (Part 1).rar 2014-07-15 07:36 - 2014-07-15 07:36 - 06345434 _____ () C:\Users\Arthur\Downloads\cookie-.rar 2014-07-14 06:38 - 2014-07-10 06:36 - 00000000 ____D () C:\Program Files (x86)\Arena Knights Cabal Episode 10 2014-07-14 03:55 - 2014-07-14 03:55 - 17013628 _____ () C:\Users\Arthur\Downloads\chocolat+vanilla.rar 2014-07-14 01:17 - 2014-05-15 19:30 - 00000000 ____D () C:\Users\Arthur\Downloads\Screens 2014-07-14 01:16 - 2014-07-14 01:16 - 04562655 _____ () C:\Users\Arthur\Downloads\Hitlerrede.webm 2014-07-14 01:13 - 2014-07-14 01:12 - 207874831 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #361.rar 2014-07-13 17:48 - 2014-07-13 17:48 - 07275566 _____ () C:\Users\Arthur\Downloads\Andrea.rar 2014-07-13 17:13 - 2014-07-13 17:12 - 216063371 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #362.rar 2014-07-13 17:13 - 2014-07-13 17:12 - 210028588 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #363.rar 2014-07-13 01:47 - 2014-07-13 01:46 - 01080480 _____ (Unity Technologies ApS) C:\Users\Arthur\Downloads\UnityWebPlayer (1).exe 2014-07-13 01:47 - 2014-04-04 22:38 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Unity 2014-07-13 00:19 - 2014-07-13 00:19 - 20495624 _____ () C:\Users\Arthur\Downloads\FunOrange 4.15.2014.rar 2014-07-13 00:12 - 2014-07-13 00:12 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4 (1).rar 2014-07-12 22:40 - 2014-07-12 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2 2014-07-12 22:26 - 2013-11-03 23:24 - 00000000 ____D () C:\Sirius MT2 2014-07-12 22:17 - 2014-07-12 22:17 - 00003180 _____ () C:\Windows\System32\Tasks\{87793036-60BC-4D33-BC8C-69C6E3256169} 2014-07-12 22:13 - 2013-11-03 21:22 - 1572305527 _____ (Sirius MT2 ) C:\Users\Arthur\Documents\sirius.20.13.rev.client.exe 2014-07-12 21:57 - 2014-07-12 21:57 - 00836112 _____ (SiriusMT2) C:\Users\Arthur\Downloads\sirius.20.13.rev.installer (1).exe 2014-07-11 20:46 - 2009-07-14 06:45 - 05004720 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-11 20:28 - 2014-07-11 20:28 - 00034332 _____ () C:\Users\Arthur\Downloads\High Precision Cursor by FynnFTW - More Colors.rar 2014-07-11 20:27 - 2014-07-11 20:27 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4.rar 2014-07-11 17:48 - 2013-09-20 12:02 - 00094248 _____ () C:\Users\Arthur\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-11 17:33 - 2014-07-11 17:33 - 00000000 ____D () C:\Users\Public\Documents\sun 2014-07-11 17:31 - 2014-07-11 17:31 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-07-11 17:31 - 2014-01-03 08:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-07-11 17:24 - 2014-07-11 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\OpenOffice - CHIP-Installer.exe 2014-07-10 06:53 - 2014-07-10 06:53 - 00001214 _____ () C:\Users\UpdatusUser\Desktop\AK Cabal Launcher.lnk 2014-07-10 06:52 - 2014-07-10 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arena Knights Cabal Episode 10 2014-07-10 06:36 - 2014-07-10 06:35 - 1717330663 _____ (Arena Knights ) C:\Users\Arthur\Downloads\AKCabalEp10.exe 2014-07-10 06:32 - 2014-07-10 06:32 - 01915058 _____ () C:\Users\Arthur\Downloads\TGCabalEP8.torrent 2014-07-09 01:29 - 2014-07-09 01:22 - 00000000 ____D () C:\Users\Arthur\AppData\Local\2K Games 2014-07-09 00:38 - 2013-09-20 10:57 - 00000000 ____D () C:\Users\Arthur 2014-07-09 00:35 - 2014-07-09 00:35 - 01346519 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.214.exe 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\Downloads\Cabal-2 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Temp842aac0f581a708d0ea973e67a58ad18_ 2014-07-09 00:30 - 2014-07-09 00:30 - 01063312 _____ () C:\Users\Arthur\Downloads\Cabal-2-lnstall.exe 2014-07-08 20:19 - 2014-07-08 20:19 - 23673366 _____ () C:\Users\Arthur\Downloads\91214 Lucky Star no Minna - Kumikyoku 'Lucky Star Douga'.osz 2014-07-08 20:12 - 2014-04-29 17:12 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-08 20:12 - 2014-04-19 22:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-08 20:12 - 2014-03-20 01:46 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 20:12 - 2014-03-20 01:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 18:47 - 2014-05-27 06:26 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Ubisoft Game Launcher 2014-07-08 03:07 - 2014-07-08 03:06 - 1137512686 _____ () C:\Users\Arthur\Downloads\wom2_installer_20140512.exe 2014-07-08 02:58 - 2014-07-08 02:21 - 00000000 ____D () C:\Users\Arthur\Documents\dragoon 2014-07-08 02:18 - 2013-11-09 18:12 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-07 22:00 - 2014-07-07 22:00 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu (2).osr 2014-07-07 21:59 - 2014-07-07 21:59 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu (1).osr 2014-07-07 21:59 - 2014-07-07 21:58 - 00025240 _____ () C:\Users\Arthur\Downloads\Cookiezi - Hatsune Miku - Story of my Wife [Warota] (2013-04-15) Osu.osr Files to move or delete: ==================== C:\Users\Arthur\VOCALOID2.dll C:\Users\Arthur\VOCALOID2_Realtime.dll C:\Users\Arthur\VocaloidVSTi.dll Some content of TEMP: ==================== C:\Users\Arthur\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Arthur\AppData\Local\Temp\Gw2.exe C:\Users\Arthur\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-28 04:26 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014 Ran by Arthur at 2014-08-06 12:50:03 Running from C:\Users\Arthur\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 100% Orange Juice (HKLM-x32\...\Steam App 282800) (Version: - Orange_Juice) A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version: - RED DUCK Inc.) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Afterfall InSanity Extended Edition (HKLM-x32\...\Steam App 224420) (Version: - Intoxicate Studios) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam) AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge) AlternativA (HKLM-x32\...\Steam App 33990) (Version: - Centauri Production) altPUG (HKLM-x32\...\{4FC41018-ABBF-47A0-B917-2DA88C04DA7D}) (Version: 1.2 - altPUG LLC) AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.) AMD Fuel (Version: 2012.0504.1554.26509 - Ihr Firmenname) Hidden Archeblade (HKLM-x32\...\Steam App 207230) (Version: - CodeBrush Games) Arena Knights Cabal Episode 10 version 1.0 (HKLM-x32\...\{13D2BCED-7F48-468A-9296-3FB1150A7CDD}_is1) (Version: 1.0 - Arena Knights) Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version: - Bohemia Interactive) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology) Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer) Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version: - X-Legend) AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version: - ) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software) Battlefield 2 (HKLM-x32\...\Steam App 24860) (Version: - DICE) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch) Catalyst Control Center (x32 Version: 2012.0504.1554.26509 - Ihr Firmenname) Hidden Catalyst Control Center InstallProxy (x32 Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version: - EA Los Angeles) Corel Painter 12 - IPM (Version: 12.4 - Corel Corporation) Hidden Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Croixleur Sigma (HKLM-x32\...\Steam App 250640) (Version: - souvenir circ.) Dark Souls 2 (HKLM-x32\...\RGFya1NvdWxzMg==_is1) (Version: 1 - ) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc) DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) DayZ Commander (HKLM-x32\...\{99C28455-E285-4639-B4C6-9F747C0C3D4C}) (Version: 0.92.90 - Dotjosh Studios) Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.11.002 - Portrait Displays, Inc.) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) eXceed 3rd - Jade Penetrate Black Package (HKLM-x32\...\Steam App 207400) (Version: - Tennen-sozai) Gameforge Live 2.0.2 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.2 - Gameforge) GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) GundeadliGne (HKLM-x32\...\Steam App 92220) (Version: - Platine Dispositif) Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games) IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) KAMI (HKLM-x32\...\Steam App 272040) (Version: - State of Play Games) Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version: - Hanako Games) Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro) Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (DEU) (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Mitsurugi Kamui Hikae (HKLM-x32\...\Steam App 263620) (Version: - Zenith Blue) Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) NEOTOKYO° (HKLM-x32\...\Steam App 244630) (Version: - STUDIO RADI-8) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming) NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.902 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy) Painter 12 - Content (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Core (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Corex64 (Version: 12.4 - Corel Corporation) Hidden Painter 12 - DE (Version: 12.4 - Corel Corporation) Hidden Painter 12 - EN (Version: 12.4 - Corel Corporation) Hidden Painter 12 - FR (Version: 12.4 - Corel Corporation) Hidden Painter 12 - IT (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Setup Files (Version: 12.4 - Corel Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Pivot Pro Plugin (x32 Version: 9.61.004 - Portrait Displays, Inc.) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 5.7 - Power Software Ltd) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Q.U.B.E: Director's Cut (HKLM-x32\...\Steam App 239430) (Version: - Toxic Games) Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6487 - Realtek Semiconductor Corp.) RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds) Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive) RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder) Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC) Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version: - DPad Studios) SDK (x32 Version: 2.40.007 - Portrait Displays, Inc.) Hidden Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Space Hack (HKLM-x32\...\Steam App 315260) (Version: - Rebelmind) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steins;Gate version 1.0 (HKLM\...\{2A05A52B-BDD8-4FD5-A65A-687CB10D98DF}_is1) (Version: 1.0 - JAST USA) Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh) Takedown: Red Sabre (HKLM-x32\...\Steam App 236510) (Version: - Serellan LLC) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games) Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore) Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto) TrackMania² Canyon (HKLM-x32\...\Steam App 228760) (Version: - Nadeo) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) TrackMania² Valley (HKLM-x32\...\Steam App 243360) (Version: - Nadeo) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision) Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden Vanguard Princess (HKLM-x32\...\Steam App 262150) (Version: - Tomoaki Sugeno) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VVVVVV (HKLM-x32\...\Steam App 70300) (Version: - Terry Cavanagh) Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) Window On Top version 3.8 (HKCU\...\{7F2C28D2-EE31-49A5-94F2-67285DAE372B}_is1) (Version: 3.8 - Skybn Software) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 06-08-2014 03:35:09 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-08-06 10:17 - 00000809 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05D8B960-D139-468A-BE4C-7B7FEB377383} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.) Task: {2D9ECFD7-D91F-4799-B2DC-9C92C450438B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-25] (AVAST Software) Task: {44FEF404-4360-42DC-B6E2-D5F49A8D7701} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.) Task: {76F23228-68F2-45B0-A716-AB3257B3B6B2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {9788D847-1B07-4F98-866C-EC7E8AE3A945} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2014-06-05] () Task: {AE68021E-B918-45BC-89F3-B31020938B78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {D127D84C-9C8C-49B5-B998-227887969A88} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-20 11:26 - 2013-03-15 06:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-07-23 19:10 - 2013-11-12 11:44 - 00098320 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll 2012-05-04 15:41 - 2012-05-04 15:41 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2011-11-13 14:30 - 2011-11-13 14:30 - 00676864 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2011-11-13 14:31 - 2011-11-13 14:31 - 03643392 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-10-04 17:37 - 2014-08-05 07:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-05 11:41 - 2014-06-05 11:41 - 00399360 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll 2014-07-23 19:09 - 2013-11-12 11:44 - 00274960 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll 2014-05-05 20:12 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2014-06-05 11:41 - 2014-06-05 11:41 - 00188928 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2014-06-05 11:40 - 2014-06-05 11:40 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe 2014-06-05 11:41 - 2014-06-05 11:41 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2012-01-10 14:41 - 2014-04-19 23:50 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe 2014-07-23 19:09 - 2013-06-18 12:26 - 00677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe 2014-07-23 19:09 - 2013-06-18 12:26 - 00714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe 2014-07-23 19:10 - 2013-11-12 11:44 - 00163344 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe 2014-07-23 19:10 - 2013-11-12 11:44 - 00197136 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe 2014-08-05 19:45 - 2014-08-05 19:45 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080500\algo.dll 2014-07-23 19:10 - 2013-11-12 11:44 - 00093712 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll 2014-06-05 11:40 - 2014-06-05 11:40 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2014-06-05 11:40 - 2014-06-05 11:40 - 00056320 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2014-06-05 11:40 - 2014-06-05 11:40 - 00127488 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2014-06-05 11:40 - 2014-06-05 11:40 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2014-05-01 02:31 - 2014-08-04 21:19 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll 2014-03-04 16:08 - 2014-08-04 21:19 - 00441856 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll 2013-12-14 04:31 - 2014-08-04 21:19 - 00332288 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2013-09-20 12:05 - 2014-08-04 21:18 - 00769024 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2014-05-01 02:31 - 2014-08-04 23:18 - 02143936 _____ () C:\Program Files (x86)\Steam\video.dll 2014-05-01 02:31 - 2014-08-04 21:19 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll 2014-05-01 02:31 - 2014-07-31 04:51 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll 2013-09-20 15:12 - 2014-08-04 23:18 - 00677056 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-06-25 02:03 - 2014-06-25 02:03 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-07-23 19:09 - 2013-11-12 11:44 - 00187920 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll 2013-09-20 15:12 - 2014-08-04 21:18 - 34586816 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2013-09-09 10:31 - 2014-08-06 12:19 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll 2013-09-09 10:31 - 2014-08-06 12:19 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll 2013-09-09 10:31 - 2014-08-06 12:19 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2013-09-09 10:31 - 2014-08-06 12:19 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:AD022376 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/06/2014 00:38:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c4102 ID des fehlerhaften Prozesses: 0x6f4 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (08/06/2014 10:43:58 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/06/2014 08:53:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHLWAPI.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ab Ausnahmecode: 0xc000041d Fehleroffset: 0x0000000000013d13 ID des fehlerhaften Prozesses: 0x4940 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/06/2014 08:53:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHLWAPI.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ab Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000013d13 ID des fehlerhaften Prozesses: 0x4940 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/06/2014 08:51:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c4102 ID des fehlerhaften Prozesses: 0xde4 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/06/2014 04:25:26 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/05/2014 04:29:44 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/04/2014 07:49:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AIMP3.exe, Version: 3.5.5.1355, Zeitstempel: 0x53c3f9ff Name des fehlerhaften Moduls: AIMP3.dll, Version: 3.5.5.1355, Zeitstempel: 0x53c3f9fa Ausnahmecode: 0xc0000005 Fehleroffset: 0x003cb701 ID des fehlerhaften Prozesses: 0x38b0 Startzeit der fehlerhaften Anwendung: 0xAIMP3.exe0 Pfad der fehlerhaften Anwendung: AIMP3.exe1 Pfad des fehlerhaften Moduls: AIMP3.exe2 Berichtskennung: AIMP3.exe3 Error: (08/04/2014 04:17:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/03/2014 02:43:53 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (08/06/2014 00:42:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/06/2014 00:19:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (08/06/2014 00:16:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/06/2014 04:40:02 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (08/01/2014 04:58:54 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/27/2014 05:03:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (07/23/2014 04:50:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/22/2014 03:55:59 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: ) Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist. Error: (07/21/2014 07:55:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/21/2014 07:50:01 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Microsoft Office Sessions: ========================= Error: (08/06/2014 00:38:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c41026f401cfb15f78effab3C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dlld536eb51-1d55-11e4-9d6b-8c89a59cdb65 Error: (08/06/2014 10:43:58 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arthur\Downloads\esetsmartinstaller_deu.exe Error: (08/06/2014 08:53:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4SHLWAPI.dll6.1.7601.175144ce7c9abc000041d0000000000013d13494001cfb142e92a3231C:\Windows\explorer.exeC:\Windows\system32\SHLWAPI.dll670778c7-1d36-11e4-990f-8c89a59cdb65 Error: (08/06/2014 08:53:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4SHLWAPI.dll6.1.7601.175144ce7c9abc00000050000000000013d13494001cfb142e92a3231C:\Windows\explorer.exeC:\Windows\system32\SHLWAPI.dll5b2b41c2-1d36-11e4-990f-8c89a59cdb65 Error: (08/06/2014 08:51:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102de401cfa83fe9335ba0C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll203c7caa-1d36-11e4-990f-8c89a59cdb65 Error: (08/06/2014 04:25:26 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/05/2014 04:29:44 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/04/2014 07:49:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: AIMP3.exe3.5.5.135553c3f9ffAIMP3.dll3.5.5.135553c3f9fac0000005003cb70138b001cfafa7bec79585C:\PROGRA~2\AIMP3\AIMP3.exeC:\PROGRA~2\AIMP3\AIMP3.dll295270bd-1b9b-11e4-990f-8c89a59cdb65 Error: (08/04/2014 04:17:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/03/2014 02:43:53 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe ==================== Memory info =========================== Percentage of memory in use: 41% Total physical RAM: 6114.15 MB Available physical RAM: 3574.7 MB Total Pagefile: 12226.48 MB Available Pagefile: 9384.55 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:52.72 GB) NTFS Drive g: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5B9EA6E7) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
06.08.2014, 15:24 | #6 |
/// TB-Ausbilder | Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern. Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File CHR HKCU\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27] CHR HKLM-x32\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27] CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] C:\Program Files\Enigma Software Group S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] C:\Users\Arthur\Downloads\mbam-setup-2.0.2.1012.exe AlternateDataStreams: C:\ProgramData\TEMP:AD022376 Reboot: end Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade Dir bitte SecurityCheck und:
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
06.08.2014, 18:35 | #7 |
| Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-08-2014 Ran by Arthur at 2014-08-06 19:27:34 Run:1 Running from C:\Users\Arthur\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** start HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File CHR HKCU\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27] CHR HKLM-x32\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27] CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] C:\Program Files\Enigma Software Group S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] C:\Users\Arthur\Downloads\mbam-setup-2.0.2.1012.exe AlternateDataStreams: C:\ProgramData\TEMP:AD022376 Reboot: end ***************** HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" => Value not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully. "HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key not found. "HKCR\PROTOCOLS\Filter\text/xml" => Key deleted successfully. "HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}" => Key not found. "HKCU\SOFTWARE\Google\Chrome\Extensions\jopemfhojpebdeollanchfjhpbkcijoi" => Key deleted successfully. C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx => Moved successfully. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jopemfhojpebdeollanchfjhpbkcijoi" => Key deleted successfully. "C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx" => File/Directory not found. "HKCU\SOFTWARE\Policies\Google" => Key deleted successfully. esgiguard => Service deleted successfully. C:\Program Files\Enigma Software Group => Moved successfully. X6va015 => Service deleted successfully. X6va017 => Service deleted successfully. xhunter1 => Service deleted successfully. C:\Users\Arthur\Downloads\mbam-setup-2.0.2.1012.exe => Moved successfully. C:\ProgramData\TEMP => ":AD022376" ADS removed successfully. The system needed a reboot. ==== End of Fixlog ==== |
06.08.2014, 20:06 | #8 |
/// TB-Ausbilder | Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Gut gemacht, fehlen noch die anderen Schritte. |
06.08.2014, 20:37 | #9 |
| Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Ja, wie du schon sagtest, könnte 3 Stunden (bei mir warscheinlich mehr) in anspruch nehmen. . . Bis jetzt schon eine beachtliche anzahl mit ESET gefunden ... Mit meinem nächsten gGehalt kommt eine donation von mir an euch, super service! MfG Arthur~ |
06.08.2014, 20:41 | #10 |
/// TB-Ausbilder | Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Bitte nur die Logdatei posten, nichts selber löschen. Die vielen Funde müssten nichts Schlimmes bedeuten. Bis dann. |
06.08.2014, 20:44 | #11 |
| Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Natürlich nicht! Ich mache hier nichts ohne euch/dich MfG Arthur~ |
06.08.2014, 21:03 | #12 |
/// TB-Ausbilder | Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Alles klar. |
07.08.2014, 02:28 | #13 |
| Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Logfile ESETScanner Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=80e60c1daec9754d8faf53295d410eff # engine=18867 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-06-25 12:14:21 # local_time=2014-06-25 02:14:21 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 90 0 168075751 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 24100 155285111 0 0 # scanned=13 # found=0 # cleaned=0 # scan_time=407 # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=80e60c1daec9754d8faf53295d410eff # engine=18867 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-06-25 04:22:49 # local_time=2014-06-25 06:22:49 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 90 0 168090659 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 39008 155300019 0 0 # scanned=328161 # found=127 # cleaned=0 # scan_time=14634 sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir" sh=926D9D657C7080EF11DC050F84192C66B6D586BD ft=1 fh=a969f747000403ce vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Conduit\Chrome\CT3311336\CHUninstaller.exe.vir" sh=1426B95F2619E462F812F6807C88694DF9FBECE7 ft=1 fh=a10496de67a69999 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\DownloadGuide\mconduitinstaller.exe.vir" sh=A8C9182D911F84D68DB74AC3DD3E40CCEAA37761 ft=1 fh=faa8286a77c9d18c vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\DownloadGuide\plus-hd-3-8.exe.vir" sh=D4D640E4A04D91DEF41DAD844D1EC046FA1D5F3E ft=1 fh=f32a1de57c3d142e vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\NativeMessaging\CT3311336\1_0_0_7\TBMessagingHost.exe.vir" sh=D1F56FA2825C6E2FD0BCB11C7B2258CF6EADCBFC ft=1 fh=0232bf4495528b99 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir" sh=F907E547DEFDFCC3F3CBD18A49B0ABC0801136B3 ft=1 fh=63772d676c406bcf vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir" sh=7C29FB5A386C0148E74423792451583EB910CAF2 ft=1 fh=cbe6358faad4011d vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir" sh=7C29FB5A386C0148E74423792451583EB910CAF2 ft=1 fh=cbe6358faad4011d vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir" sh=7EDB7FF3CFFDBACD584C9F2DDCA65DDC23D550D1 ft=1 fh=305e230fee1da144 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir" sh=7EDB7FF3CFFDBACD584C9F2DDCA65DDC23D550D1 ft=1 fh=305e230fee1da144 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir" sh=06BEB5B2B3E25165211B1D71E2E009D236CA7F0F ft=1 fh=f65f53b288275da6 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir" sh=8520F4C85F42290559528707B355FFEBC1E7645F ft=1 fh=d9e861a2ae4f8737 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SnapDo.exe.vir" sh=D6AB4D246B7E1033A3D6DF9E14F67604D13ADAA9 ft=1 fh=bd6af278fad9ed0f vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\srbs.dll.vir" sh=BF18F60853A40C3A945D5F50DFCCFC7D679810C6 ft=1 fh=9fc2ddd0efacf51d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir" sh=0740238F3E5675F082CF8D1023567198565F4A6C ft=1 fh=a86561aa07752019 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=BE6CAA4F0EA25EC03B5D15F1576AF3DD61576BC8 ft=1 fh=6455c5588e6cd5a6 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=AA8561C86E08D96C26DFEC7AC373542F8F19BDC7 ft=1 fh=bd085c34cc024fbd vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=54D9F2251197CED907AD14EC99177CB0EDCDAA06 ft=1 fh=5651b1d09d727752 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=72A0381DBF1D076049854FEA309250E330B6D4EF ft=1 fh=e1c67bb4e35d99f9 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir" sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir" sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir" sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir" sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir" sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir" sh=4B9D59EFA89F628628CE74083961743D56E460C7 ft=1 fh=8e9074b2b2075a48 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir" sh=3C586EBE6226CA74FBBDCE835DA7200658114064 ft=1 fh=21f65be5e0c03b13 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=A808812E64B1DE3502DCE72C8B0D3CD787C33E38 ft=1 fh=8e0368cbb880afe3 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=BFB6488C699C5C2AC711A63AE5D8A304520E1E27 ft=1 fh=4dfaa51bc945ce0d vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=111BB23FCD955AF8DA6B84E295258468A578895D ft=1 fh=ad18e64cdff241d3 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=B7E7F9A69EC3BBEE3E1FE49EC0D2D7CF54B6CCF8 ft=1 fh=bafc8994486e68f3 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=6720B7E04065E17233DDBFDE54E9FDF29B41D46E ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Temp\NativeMessaging\CT3311336.crx.vir" sh=D4D640E4A04D91DEF41DAD844D1EC046FA1D5F3E ft=1 fh=f32a1de57c3d142e vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Temp\NativeMessaging\CT3311336\nativeMessaging\TBMessagingHost.exe.vir" sh=848C686280EAA04B172FCCFFBD312132A0C46172 ft=1 fh=7764b0effb0b9556 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Temp\OCS\ocs_v7f.exe.vir" sh=C790F2451C02BFC0D53E40DBC3335079D8B175CF ft=1 fh=0b6d186e686ed0e2 vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Roaming\OpenCandy\6C08C844F391400DB3FFB315DD67C777\Installer.exe.vir" sh=A8B409544BB3876BF1F8D75B12EB8B624300AA05 ft=1 fh=4fe979dec6cc4938 vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Roaming\OpenCandy\6C08C844F391400DB3FFB315DD67C777\SnapDo_RBCB_p4v7.exe.vir" sh=83D2ECD232CCB255B99FD4AB258A8E4813AEB6A3 ft=1 fh=127cd30e5f7b1da2 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Sirius MT2\metin2client_Sirius.MT21.bin" sh=864677F46B5D9F3A49AFBA520BE2C98118676E07 ft=1 fh=ede4ca474f3fe045 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Sirius MT2\neuer_patcher" sh=6720B7E04065E17233DDBFDE54E9FDF29B41D46E ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx" sh=D1937AEB8ADBC5C7EB69C1AEFEEA4DEC6A1A90B5 ft=1 fh=e6c02fe7d3021daa vn="Win32/Wajam.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSYNU88T\wajam_download[1].exe" sh=4C265AAF9AE88D06269ADD7034D63A115606DDFA ft=1 fh=3189627c07c08170 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFNXSW9R\conduitinstaller[1].exe" sh=1FB7AFB73E03FD6F04D38377EA888702C3E82C25 ft=1 fh=c2e2afde9ee391a5 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFNXSW9R\Freemium_DE[1].exe" sh=FEC81C4A224DDD64DCEBA9D491FE5C70A7158F40 ft=0 fh=0000000000000000 vn="Variante von Win32/bProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFNXSW9R\pack[1].7z" sh=DC387589C41FEBF26B6F7416CE358F53B47AD811 ft=1 fh=37fc7ce2ed4bd360 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFNXSW9R\Setup[1].exe" sh=9F587B0C68B09C2586528A8DC6CEAFC7A9C6A2CA ft=1 fh=69c61442d3064e65 vn="Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFNXSW9R\wajam_install[2].exe" sh=91F440A8F2A0FFC91EDA87FE5410B93141B1C6B0 ft=1 fh=1ce5d7cf83504dfe vn="Win32/Toolbar.Conduit.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y19L3LLB\checktbexist[1].exe" sh=8A338DBB4AF6745192BFA8798FCEEF2D51F167B1 ft=1 fh=f56d15f078453df6 vn="Win32/InstallMonetizer.AG evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y19L3LLB\ChromeSpeedUp_Installer[1].exe" sh=4D0D3661FBC160A817228CF7830BDCB88F51853D ft=1 fh=37cb3f38093893c2 vn="Win32/InstallCore.PD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y19L3LLB\JDownloaderSetup_CH[1].exe" sh=9FE1F2B1FB6F2E1BBBE7B068CD5F79832C36BE39 ft=1 fh=526118062f73ede6 vn="Win32/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y19L3LLB\SPSetup[1].exe" sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y19L3LLB\TBUpdaterLogic[1].dll" sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y19L3LLB\TBUpdaterLogic[2].dll" sh=B753752753180B6E27585FF74E7351E1CC5DFD48 ft=1 fh=9f5742417805b9ff vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTPW35DR\Freemium_DE[1].exe" sh=93D7AD0FC7A7EC62E220FBD9A5501C61B0743EC9 ft=0 fh=0000000000000000 vn="Win32/bProtector.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTPW35DR\pack[1].7z" sh=F89D0D35647789000A23E8BD1E557BEE519A6BAE ft=1 fh=4f81c51847428f3f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTPW35DR\statisticsstub[1].exe" sh=09A049528A132F55D191CCBC4CB485248FEB75C5 ft=1 fh=51064c0d2585d37e vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\4B43.tmp" sh=F208F57EC446080FED430DCD7FD9F616932CC378 ft=1 fh=a8cc01a744e50327 vn="Win32/Toolbar.Babylon.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\7E3F.tmp" sh=94FAC5505E0E0C891FD1972F7B069AABC15C2004 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\che4319.tmp" sh=1CE90D98C2906B934B8D821BD6E7CF687BB37976 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\che54B7.tmp" sh=064E08B2011F46C7223ABE36AD825C9758CE9F51 ft=0 fh=0000000000000000 vn="Win32/DealPly.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUT823A.tmp" sh=2C758E5DA906E79DD9CF9689FA308CAB1642C9C5 ft=1 fh=c71c00115d480c4b vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\ICReinstall_ds3-tool.exe" sh=4D0D3661FBC160A817228CF7830BDCB88F51853D ft=1 fh=37cb3f38093893c2 vn="Win32/InstallCore.PD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\JDSetup130443928849527015.exe" sh=954C6BC07E97C488D4A1CCB6A810B320E5EDCC64 ft=1 fh=1655e6147d4f45a9 vn="Win32/Conduit.SearchProtect.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\SPStub.exe" sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\tbFree.dll" sh=72FDBB6E315D5BB25A04EB687095914D484B2EC7 ft=1 fh=625b5f97bb9bcd48 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\v-bates.exe" sh=9F82BB5DC8D4EC6B8B2BB47CB6C329B8AF1C14CE ft=1 fh=c92ed1f3ca58c043 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\1520276.Uninstall\uninstaller.exe" sh=C35A0B3AF06F6AD199122599237B5AA67CEEB876 ft=1 fh=f14327a1ad7f7876 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\AU\SPSetup.exe" sh=B753752753180B6E27585FF74E7351E1CC5DFD48 ft=1 fh=9f5742417805b9ff vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\ct3311336\chLogic.exe" sh=91F440A8F2A0FFC91EDA87FE5410B93141B1C6B0 ft=1 fh=1ce5d7cf83504dfe vn="Win32/Toolbar.Conduit.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\ct3311336\ctbe.exe" sh=1FB7AFB73E03FD6F04D38377EA888702C3E82C25 ft=1 fh=c2e2afde9ee391a5 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\ct3311336\ieLogic.exe" sh=954C6BC07E97C488D4A1CCB6A810B320E5EDCC64 ft=1 fh=1655e6147d4f45a9 vn="Win32/Conduit.SearchProtect.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\ct3311336\spch.exe" sh=F89D0D35647789000A23E8BD1E557BEE519A6BAE ft=1 fh=4f81c51847428f3f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\ct3311336\statisticsStub.exe" sh=4C265AAF9AE88D06269ADD7034D63A115606DDFA ft=1 fh=3189627c07c08170 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\ct3311336\stub.exe" sh=D8F10BDFCF1D7203A10EDD44BFA91E63429F7509 ft=1 fh=125879de58b34aa1 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\D93252B1-BAB0-7891-8977-D0A157DEA686\Latest\BabMaint.exe" sh=DED201AE02FB9EA3646489AFEDA49270C4620D9C ft=1 fh=c71c001196f8c3ac vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\D93252B1-BAB0-7891-8977-D0A157DEA686\Latest\BExternal.dll" sh=F8038444575EE679FE4AD4CBA6E6E613774ACD8B ft=1 fh=315c344bd11af187 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\D93252B1-BAB0-7891-8977-D0A157DEA686\Latest\ccp.exe" sh=1466BC1893B6D4B277A177CD2C7D1BEF65F6AAEB ft=1 fh=407239d3cdeb51cc vn="Win32/Toolbar.Babylon.U evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\D93252B1-BAB0-7891-8977-D0A157DEA686\Latest\CrxInstaller.dll" sh=7759A3318DE2ABC3755EBB7F50322C6D586B5286 ft=1 fh=e3d39714b3bfb2a0 vn="Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\D93252B1-BAB0-7891-8977-D0A157DEA686\Latest\IEHelper.dll" sh=964116A6BE5925057953284D9CFBD8E0CD15A962 ft=1 fh=c71c00112ecb5df5 vn="Win32/Toolbar.Babylon.V evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\D93252B1-BAB0-7891-8977-D0A157DEA686\Latest\MntrDLLInstall.dll" sh=7A6DB990BC1AB9B6DB4C8F9C05CAAF60D8CF2434 ft=1 fh=a9fcfec3bb49415d vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\D93252B1-BAB0-7891-8977-D0A157DEA686\Latest\MySgolTB.exe" sh=F66942E9329A4BD18EA548F1A3F537D5CB7B42A2 ft=1 fh=bedea595f68eb738 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\D93252B1-BAB0-7891-8977-D0A157DEA686\Latest\Setup.exe" sh=AA8FF80CB504D6C7CD680D0F098A3896E680A8E9 ft=1 fh=4fc511e7f3924f0b vn="Win32/DealPly.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUM8239.tmp\BonanzaDealsLive.exe" sh=D5639EC96BB23E91CCC655C4E765797930866676 ft=1 fh=611e9e9c9165914e vn="Win32/DealPly.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUM8239.tmp\BonanzaDealsLiveBroker.exe" sh=AA8FF80CB504D6C7CD680D0F098A3896E680A8E9 ft=1 fh=4fc511e7f3924f0b vn="Win32/DealPly.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUM8239.tmp\BonanzaDealsLiveHandler.exe" sh=609D8E76D3CC9811543AE9FF60C99FA238755DEB ft=1 fh=ae6efe48edf4869d vn="Variante von Win32/DealPly.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUM8239.tmp\BonanzaDealsLiveOnDemand.exe" sh=FEC645D6BF74FD011FA9EE2075478E9E059B3EEF ft=1 fh=258f8231b82cc0cb vn="Win32/DealPly.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUM8239.tmp\goopdate.dll" sh=E59C40DBDFFBFC64CB01080F85ADB47515919AAD ft=1 fh=25b1bb1ca23e3ee4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUM8239.tmp\npGoogleUpdate3.dll" sh=61999ADB14A580A2D965FB8E6AA0AC31B61CF3C1 ft=1 fh=54b10837e69fea4a vn="Win32/DealPly.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUM8239.tmp\psmachine.dll" sh=7589639BBD0B6B0B2A054F7DFDBA593FD29024C8 ft=1 fh=695860d343b88911 vn="Variante von Win32/DealPly.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\GUM8239.tmp\psuser.dll" sh=A836A8346F791EC8A83B51BC78E84B2F6659E6DA ft=1 fh=0a2e45c370149901 vn="Win32/Wajam.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is1070216317\414467_stp\wajam_validate.exe" sh=22EA12E23878248FEBC79C3B7FD1FA8B91F03725 ft=1 fh=fe2b149769bf0004 vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is1070216317\414637_stp\SearchGol.exe" sh=175A8A0C7650EF29B0E1AE7137F5F48FDFCD6588 ft=1 fh=deea2a09617af006 vn="Variante von Win32/AdWare.SpeedingUpMyPC.G Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is1070216317\414718_stp\PCSpeedMaximizer_AQDE_AFD_PPI.exe" sh=A836A8346F791EC8A83B51BC78E84B2F6659E6DA ft=1 fh=0a2e45c370149901 vn="Win32/Wajam.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is266438442\403655_stp\wajam_validate.exe" sh=37CCAD86409E08816A4C00F1DBEA4604BA36D3A1 ft=1 fh=919a9505016e0e1e vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is266438442\403725_stp\DeltaTB.exe" sh=9F82BB5DC8D4EC6B8B2BB47CB6C329B8AF1C14CE ft=1 fh=c92ed1f3ca58c043 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is266438442\403956_stp\uninstaller.exe" sh=A836A8346F791EC8A83B51BC78E84B2F6659E6DA ft=1 fh=0a2e45c370149901 vn="Win32/Wajam.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is266438442\837658_stp\wajam_validate.exe" sh=37CCAD86409E08816A4C00F1DBEA4604BA36D3A1 ft=1 fh=919a9505016e0e1e vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is266438442\837785_stp\DeltaTB.exe" sh=D1937AEB8ADBC5C7EB69C1AEFEEA4DEC6A1A90B5 ft=1 fh=e6c02fe7d3021daa vn="Win32/Wajam.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is266438442\837911_stp\wajam_download.exe" sh=002548F3B9BFE8A86FB88938D3DCAA6ED95B08FE ft=1 fh=dd86d8dfd2141560 vn="Variante von Win32/DealPly.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is266438442\837989_stp\bd.exe" sh=9F82BB5DC8D4EC6B8B2BB47CB6C329B8AF1C14CE ft=1 fh=c92ed1f3ca58c043 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\is266438442\838212_stp\uninstaller.exe" sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\OCS\ocs_v71a.exe" sh=705761CE546199C3EF51F4BBDC30B49DB4D96A35 ft=1 fh=feecfd7c534a9d83 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\OCS\ocs_v71b.exe" sh=D4D640E4A04D91DEF41DAD844D1EC046FA1D5F3E ft=1 fh=f32a1de57c3d142e vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\TestIfExeExist\CT3311336\nativeMessaging\TBMessagingHost.exe" sh=BEA88C3FE74817B048951BD218E70D9DEAD617D9 ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\{29C70F5F-3576-404D-A2A6-7D54F2242DA9}\Custom.dll" sh=1785224868C76C58B355317BFAA911DCBF00BC05 ft=1 fh=ead4beb724780827 vn="Variante von Win32/AdWare.MultiPlug.P Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\{29C70F5F-3576-404D-A2A6-7D54F2242DA9}\Addons\browsecoupon_setup.exe" sh=2B7D5F8309C39B8B87FB4C8ABFB1AF898FD02BCB ft=1 fh=48c07f48735d7e78 vn="Variante von Win32/AdWare.MultiPlug.P Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\{29C70F5F-3576-404D-A2A6-7D54F2242DA9}\Addons\extIE_setup.exe" sh=32551C78C6463663416009F23A7C3AAD871D9336 ft=1 fh=214cac76f2989efc vn="Variante von Win32/AdWare.MultiPlug.P Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\{29C70F5F-3576-404D-A2A6-7D54F2242DA9}\Addons\ext_setup.exe" sh=E0F8A3449829FFFCB019006B27AB1B5107C97FB3 ft=1 fh=5afcc0a2e7933b4a vn="Variante von Win32/AdWare.MultiPlug.P Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\{29C70F5F-3576-404D-A2A6-7D54F2242DA9}\Addons\ytab_setup.exe" sh=908FF50DB1379D3165034AFC32146AAAFAB54EDC ft=1 fh=e33c4efe427f8092 vn="Variante von Win32/AdWare.MultiPlug.P Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\{29C70F5F-3576-404D-A2A6-7D54F2242DA9}\Addons\ytbmk_setup.exe" sh=CE07161EE6BA037A4911C32E7FF99D6D62167F51 ft=1 fh=d703e280c9387f8b vn="Variante von Win32/DealPly.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\AppData\Local\Temp\{382BA411-B7EE-439E-804C-63FCF6BEEFE6}\files\BonanzaDealsIE.dll" sh=64A7F2B16BA95902EE02075FBB923A1EF58E82D1 ft=1 fh=5b9d1938b39c32c3 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Documents\sirius.20.13.rev.client.exe" sh=76E1BF3E192141F8524B155C50BB726831B86AF0 ft=1 fh=925b5b646a747b07 vn="Win32/InstallMonetizer.AL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\autoexec.cfg.exe" sh=E0C5E31B4A4DAA88C64BB4CA1E304C4D70481F1F ft=1 fh=626d7421e12db363 vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\cbsidlm-cbsi145-MP_Navigator_EX_for_Windows-ORG_DE-10971618.exe" sh=6C0B1F09BF9BBA8D258A6BB3E7F8A6505DD44617 ft=1 fh=d8193133a2feecb4 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\CPU Z - CHIP-Downloader.exe" sh=94AEFB3A09616973257080C207CB212B54C0ADF7 ft=1 fh=f1fa8f4d169889e7 vn="Variante von Win32/AdWare.iBryte.K.gen Anwendung" ac=I fn="C:\Users\Arthur\Downloads\DayZ_Commander_Setup.exe" sh=2C758E5DA906E79DD9CF9689FA308CAB1642C9C5 ft=1 fh=c71c00115d480c4b vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\ds3-tool.exe" sh=C0C6561206F043AFE64A9953B0FC8E9285B0A3CD ft=1 fh=e701b05a78b70ed8 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\f lux - CHIP-Downloader.exe" sh=9605937B14BBDBEEC491B115CFA08824AD54EEBB ft=1 fh=c71c0011eb0fa09f vn="Variante von Win32/Amonetize.AW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\File0294 Downloader__3687_i912453925_il4139733.exe" sh=EF0A0E5CB87035C6B703F8E68DC70812B186402C ft=1 fh=3a0fab4bfcc86de4 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\JoyToKey - CHIP-Installer.exe" sh=B017681FCEB58717231AFFB3FB905AEF8691A6B8 ft=1 fh=e4973408196558cd vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\jZipSetup-r230-n-bc.exe" sh=C5BE4EC55607B792A93F6FAD0020F1AEA3033C51 ft=1 fh=a1255492bbe1996c vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Origin EA Download Manager - CHIP-Downloader.exe" sh=32C469DB028BD040260369C4DBCD649458FC2129 ft=1 fh=7bd74554b8592681 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Origin EA Download Manager - CHIP-Installer.exe" sh=4F713B3BE3B4519349D13C574385C03DC175D3A3 ft=1 fh=89134eac3619babb vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\PaintTool SAI - CHIP-Downloader.exe" sh=98092962B0D4BE667D94B8AD297572ED9642A417 ft=1 fh=d6453fa57406663c vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\SoftonicDownloader_for_visual-basic-runtime-files.exe" sh=F2616125A4F6C22FDBD8A2F2FCC2AB5079052FC7 ft=1 fh=4ce8b51de6db8130 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\SoftonicDownloader_fuer_visual-basic-2010-express.exe" sh=E020E104173620E8E49E53ABE1043B5FA78F7673 ft=1 fh=52bf1d3aa8b3c052 vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Steins Gate - Believe Me.exe" sh=D0F1AB3129456C2AF9528F1648A12C936F715587 ft=1 fh=655956a4bca1e78e vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\The-Unfinished-Swan-lnstall.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=80e60c1daec9754d8faf53295d410eff # engine=19530 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-08-07 01:11:16 # local_time=2014-08-07 03:11:16 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 2514636 171794366 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 52169 159003726 0 0 # scanned=806369 # found=84 # cleaned=0 # scan_time=27066 sh=CEBD8625D6788BFB217B8CE6EB355A191C6BCA2D ft=0 fh=0000000000000000 vn="Win32/Trustezeb.F Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1559702124-2180151018-3086550288-1000\$RCYFPO0.zip" sh=3E99AFB3D4FACF72C322737AAC6785C32954C7B7 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Crack.BQ potenziell unsichere Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1559702124-2180151018-3086550288-1000\$RACKET4\Binaries\rld-outlast_Crack.rar" sh=1B8EA6831A7E7EEC295C3E3A90B614A67BB67132 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Crack.BQ potenziell unsichere Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1559702124-2180151018-3086550288-1000\$RWK2WL2\rld-outlast.iso" sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir" sh=C7C0F42A23562AA6DCCD60326FD8CC2AA41B5448 ft=1 fh=c053642cee9f3def vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir" sh=125B1C393F2104CBA08183E495C0907BFF7EDA22 ft=1 fh=ea25908c8365106f vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir" sh=8E85792765D0E0BF52107CFF4A6620995DB19BB0 ft=1 fh=627da500ea2e265f vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir" sh=2FCA2173F2DD16DF8F1F990170FA4479FC5D5BFC ft=1 fh=c528dd1cda99a111 vn="Variante von Win32/ELEX.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir" sh=6043D1ACD51FD373472020FBB748C405AAF22397 ft=1 fh=4c716dbbae6c21b9 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir" sh=FF431CD8693F4045BD7BD87DBCE54B820F000FC0 ft=1 fh=16c2e1bd3fd6b7e2 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir" sh=5836A5DF3860241F6B69F2292ABCE592A13689B6 ft=1 fh=a3db04555f559ea8 vn="Variante von Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir" sh=E97CBDBD7CFED2C58464C1ABF186520022DE5666 ft=1 fh=7a2ea5ecc33ad0e3 vn="Variante von Win64/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir" sh=9DC13DB9C123270C2356ED410128E11D5ADF7C6E ft=1 fh=023ab782f0a9b07d vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir" sh=56659F7FF1F1FA7906A77228E315F65F38BCEF73 ft=1 fh=0ff759dfc352fd03 vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir" sh=926D9D657C7080EF11DC050F84192C66B6D586BD ft=1 fh=a969f747000403ce vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Conduit\Chrome\CT3311336\CHUninstaller.exe.vir" sh=1426B95F2619E462F812F6807C88694DF9FBECE7 ft=1 fh=a10496de67a69999 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\DownloadGuide\mconduitinstaller.exe.vir" sh=A8C9182D911F84D68DB74AC3DD3E40CCEAA37761 ft=1 fh=faa8286a77c9d18c vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\DownloadGuide\plus-hd-3-8.exe.vir" sh=D4D640E4A04D91DEF41DAD844D1EC046FA1D5F3E ft=1 fh=f32a1de57c3d142e vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\NativeMessaging\CT3311336\1_0_0_7\TBMessagingHost.exe.vir" sh=D1F56FA2825C6E2FD0BCB11C7B2258CF6EADCBFC ft=1 fh=0232bf4495528b99 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir" sh=F907E547DEFDFCC3F3CBD18A49B0ABC0801136B3 ft=1 fh=63772d676c406bcf vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir" sh=7C29FB5A386C0148E74423792451583EB910CAF2 ft=1 fh=cbe6358faad4011d vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir" sh=7C29FB5A386C0148E74423792451583EB910CAF2 ft=1 fh=cbe6358faad4011d vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir" sh=7EDB7FF3CFFDBACD584C9F2DDCA65DDC23D550D1 ft=1 fh=305e230fee1da144 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir" sh=7EDB7FF3CFFDBACD584C9F2DDCA65DDC23D550D1 ft=1 fh=305e230fee1da144 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir" sh=06BEB5B2B3E25165211B1D71E2E009D236CA7F0F ft=1 fh=f65f53b288275da6 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir" sh=8520F4C85F42290559528707B355FFEBC1E7645F ft=1 fh=d9e861a2ae4f8737 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\SnapDo.exe.vir" sh=18AD36C1D432C815A0F65753EBC22ACB1E7AB647 ft=1 fh=19e31eca17c5ad29 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\sppsm.dll.vir" sh=D6AB4D246B7E1033A3D6DF9E14F67604D13ADAA9 ft=1 fh=bd6af278fad9ed0f vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\srbs.dll.vir" sh=C554B58F31093906A232C378692468C2BFFB6EBD ft=1 fh=7d826b3294de89e7 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\srprl.dll.vir" sh=BF18F60853A40C3A945D5F50DFCCFC7D679810C6 ft=1 fh=9fc2ddd0efacf51d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir" sh=0740238F3E5675F082CF8D1023567198565F4A6C ft=1 fh=a86561aa07752019 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=BE6CAA4F0EA25EC03B5D15F1576AF3DD61576BC8 ft=1 fh=6455c5588e6cd5a6 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=AA8561C86E08D96C26DFEC7AC373542F8F19BDC7 ft=1 fh=bd085c34cc024fbd vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=54D9F2251197CED907AD14EC99177CB0EDCDAA06 ft=1 fh=5651b1d09d727752 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=72A0381DBF1D076049854FEA309250E330B6D4EF ft=1 fh=e1c67bb4e35d99f9 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir" sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir" sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir" sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir" sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir" sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir" sh=4B9D59EFA89F628628CE74083961743D56E460C7 ft=1 fh=8e9074b2b2075a48 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir" sh=3C586EBE6226CA74FBBDCE835DA7200658114064 ft=1 fh=21f65be5e0c03b13 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=A808812E64B1DE3502DCE72C8B0D3CD787C33E38 ft=1 fh=8e0368cbb880afe3 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=BFB6488C699C5C2AC711A63AE5D8A304520E1E27 ft=1 fh=4dfaa51bc945ce0d vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=111BB23FCD955AF8DA6B84E295258468A578895D ft=1 fh=ad18e64cdff241d3 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=B7E7F9A69EC3BBEE3E1FE49EC0D2D7CF54B6CCF8 ft=1 fh=bafc8994486e68f3 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=6720B7E04065E17233DDBFDE54E9FDF29B41D46E ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Temp\NativeMessaging\CT3311336.crx.vir" sh=D4D640E4A04D91DEF41DAD844D1EC046FA1D5F3E ft=1 fh=f32a1de57c3d142e vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Temp\NativeMessaging\CT3311336\nativeMessaging\TBMessagingHost.exe.vir" sh=FED7CAA2E24771B66065C8D30131FC8037B6BD2A ft=1 fh=b41296876ed186e5 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Temp\OCS\ocs_v71b.exe.vir" sh=848C686280EAA04B172FCCFFBD312132A0C46172 ft=1 fh=7764b0effb0b9556 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Local\Temp\OCS\ocs_v7f.exe.vir" sh=374CA69E67A1ABC42A8D39CAD7337F3BD3351926 ft=1 fh=feae0fe2f16b04d3 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Roaming\OpenCandy\6C08C844F391400DB3FFB315DD67C777\dlm.exe.vir" sh=C790F2451C02BFC0D53E40DBC3335079D8B175CF ft=1 fh=0b6d186e686ed0e2 vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Roaming\OpenCandy\6C08C844F391400DB3FFB315DD67C777\Installer.exe.vir" sh=A8B409544BB3876BF1F8D75B12EB8B624300AA05 ft=1 fh=4fe979dec6cc4938 vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arthur\AppData\Roaming\OpenCandy\6C08C844F391400DB3FFB315DD67C777\SnapDo_RBCB_p4v7.exe.vir" sh=6720B7E04065E17233DDBFDE54E9FDF29B41D46E ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Arthur\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx.xBAD" sh=DB05A8DF8D7F88C675BB3DC7CE3E3E11B1AD70F5 ft=1 fh=b2a611f984e48149 vn="Variante von Win32/HackTool.Patcher.AD potenziell unsichere Anwendung" ac=I fn="C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\adobe.photoshop.cs6-patch.exe" sh=DB05A8DF8D7F88C675BB3DC7CE3E3E11B1AD70F5 ft=1 fh=b2a611f984e48149 vn="Variante von Win32/HackTool.Patcher.AD potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\adobe.photoshop.cs6-patch.exe" sh=724EB6A527AF3BB9C8E1F7DF76F8D25D0AC65C87 ft=1 fh=2d28668520f8d7e0 vn="Variante von Win32/HackTool.Crack.BL potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Dark Souls 2\Game\steam_api.dll" sh=83D2ECD232CCB255B99FD4AB258A8E4813AEB6A3 ft=1 fh=127cd30e5f7b1da2 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Sirius MT2\metin2client_Sirius.MT21.bin" sh=864677F46B5D9F3A49AFBA520BE2C98118676E07 ft=1 fh=ede4ca474f3fe045 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Sirius MT2\neuer_patcher" sh=DB05A8DF8D7F88C675BB3DC7CE3E3E11B1AD70F5 ft=1 fh=b2a611f984e48149 vn="Variante von Win32/HackTool.Patcher.AD potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Desktop\Neuer Ordner\Ordner\PS\Adobe.Photos.CS6.v13.0.Ex.LS4.Multi\Crack\adobe.photoshop.cs6-patch.exe" sh=BA98D867519CF01BDA64E9BEED9D03F290B6AF32 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Patcher.AD potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Desktop\Neuer Ordner\Ordner\PS\Adobe.Photos.CS6.v13.0.Ex.LS4.Multi\Crack\adobe.photoshop.cs6-patch.rar" sh=0D539BFC4A1B059CEE31AB52B499825BEBE3D745 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Patcher.AD potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Adobe.Photos.CS6.v13.0.Ex.LS4.Multi.rar" sh=46636E34FBB5071DB64BFC3FD81326CF2B9E69C1 ft=1 fh=bd4aa95bd3c95b67 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Cabal-2-lnstall.exe" sh=E0C5E31B4A4DAA88C64BB4CA1E304C4D70481F1F ft=1 fh=626d7421e12db363 vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\cbsidlm-cbsi145-MP_Navigator_EX_for_Windows-ORG_DE-10971618.exe" sh=D12F2B7B95F3EB52E57E5E034F4315F4716670FF ft=1 fh=fa0e3acfd523f7f9 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Downloads\ccsetup415.exe" sh=6C0B1F09BF9BBA8D258A6BB3E7F8A6505DD44617 ft=1 fh=d8193133a2feecb4 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\CPU Z - CHIP-Downloader.exe" sh=31E7953D4BA63DC227E2355BF3131810A0125401 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Crack.BL potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Da2rkSou2lsIIUpd1.02-elamigos.rar" sh=C0C6561206F043AFE64A9953B0FC8E9285B0A3CD ft=1 fh=e701b05a78b70ed8 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\f lux - CHIP-Downloader.exe" sh=9C2A3603F9019902AD86B67203EF7F8060103C0D ft=1 fh=05c56e24388febc9 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Glary Utilities - CHIP-Installer.exe" sh=EF0A0E5CB87035C6B703F8E68DC70812B186402C ft=1 fh=3a0fab4bfcc86de4 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\JoyToKey - CHIP-Installer.exe" sh=377EE62E929C6B884FD4462EDA9A3BD6C3FBC846 ft=1 fh=9bba980f3c722b73 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\MSI Afterburner - CHIP-Installer.exe" sh=411015F7AA4708715B96030A0952848CE63C2CD3 ft=1 fh=ab88adf44d910d9c vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\OpenOffice - CHIP-Installer.exe" sh=C5BE4EC55607B792A93F6FAD0020F1AEA3033C51 ft=1 fh=a1255492bbe1996c vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Origin EA Download Manager - CHIP-Downloader.exe" sh=32C469DB028BD040260369C4DBCD649458FC2129 ft=1 fh=7bd74554b8592681 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Origin EA Download Manager - CHIP-Installer.exe" sh=8193728637D16FEDD8E5809E6A5F177DEAE87145 ft=1 fh=8b9917ca3e69a6ac vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Downloads\SweetHome3D-4.3-windows-oc.exe" sh=D0F1AB3129456C2AF9528F1648A12C936F715587 ft=1 fh=655956a4bca1e78e vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arthur\Downloads\The-Unfinished-Swan-lnstall.exe" sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/HackTool.Crack.BL potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Dark Souls II\Dark Souls II.iso" sh=22A467225575691F51F0DEB95AB65C79865716D3 ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.HA potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Manga Studio EX\Crack\xf-sms502ex.7z" sh=22A467225575691F51F0DEB95AB65C79865716D3 ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.HA potenziell unsichere Anwendung" ac=I fn="C:\Users\Arthur\Downloads\Manga.Studio.Ex.V5.0.3\Crack\xf-sms50ex.7z" sh=3E99AFB3D4FACF72C322737AAC6785C32954C7B7 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Crack.BQ potenziell unsichere Anwendung" ac=I fn="E:\Spiele\rld-outlast_Crack.rar" sh=1B8EA6831A7E7EEC295C3E3A90B614A67BB67132 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Crack.BQ potenziell unsichere Anwendung" ac=I fn="E:\Spiele\Outlast-RELOADED\rld-outlast.iso" sh=CDBC988DDFBC29151F1BF926055B7FC819DB54B9 ft=1 fh=39f4b1d84fa2e3ab vn="Variante von Win32/HackTool.Crack.BQ potenziell unsichere Anwendung" ac=I fn="E:\Spiele\Outlast-RELOADED\Crack\Binaries\Win32\steam_api.dll" sh=2C758E5DA906E79DD9CF9689FA308CAB1642C9C5 ft=1 fh=c71c00115d480c4b vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="E:\DS3 Kontrolla\ds3-tool.exe" Code:
ATTFilter Results of screen317's Security Check version 0.99.86 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` avast! Antivirus Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 55 Java version out of Date! Adobe Flash Player 14.0.0.145 Adobe Reader XI Mozilla Firefox (30.0) Google Chrome 35.0.1916.153 Google Chrome 36.0.1985.125 ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast avastui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
07.08.2014, 16:19 | #14 |
| Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. FRST FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014 Ran by Arthur (administrator) on ARTHUR-PC on 07-08-2014 03:29:15 Running from C:\Users\Arthur\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe () C:\Program Files (x86)\puush\puush.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (ppy) C:\Program Files (x86)\osu!\osu!.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Arthur\Desktop\SecurityCheck.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7512680 2011-10-25] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software) HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] () HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2013-11-12] (Portrait Displays, Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.) HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-23] (Microsoft Corporation) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1743552 2014-08-04] (Valve Corporation) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-04-19] () HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Run: [GoogleChromeAutoLaunch_F60E728FC0755B5DBDB7EA812CDE9796] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.) HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\MountPoints2: E - E:\XeonKing.exe HKU\S-1-5-21-1559702124-2180151018-3086550288-1000\...\MountPoints2: H - H:\setup.exe HKU\S-1-5-21-1559702124-2180151018-3086550288-1465\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) BootExecute: autocheck autochk * sh4native Sh4Removal ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x52BD7912E8B5CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{268E32A1-D16F-410C-A561-2276A5C9AFA5}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 FireFox: ======== FF ProfilePath: C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Arthur\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: MEGA - C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\l246q0wt.default\Extensions\firefox@mega.co.nz.xpi [2014-07-23] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-22] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Extension: (Turn Off the Lights) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-17] CHR Extension: (WOT) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-05-24] CHR Extension: (James White) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-05-18] CHR Extension: (Adblock Plus) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-17] CHR Extension: (Turn Off the Lights) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\labjanboighjienkhiabgpefblkbmemd [2014-05-17] CHR Extension: (Google Wallet) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20] CHR Extension: (Hover Zoom) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-07-04] CHR Extension: (Auto Refresh Plus) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-06-06] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-25] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-10-03] () [File not signed] R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2013-11-12] (Portrait Displays, Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-05] () R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-25] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-25] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-25] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-25] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-25] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-25] () R3 hamachi; C:\Windows\System32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\GPCIDrv64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S3 TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [X] S3 USBMULCD; system32\drivers\CM10664.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-07 03:15 - 2014-08-07 03:15 - 00854410 _____ () C:\Users\Arthur\Downloads\SecurityCheck.exe 2014-08-07 03:15 - 2014-08-07 03:15 - 00854410 _____ () C:\Users\Arthur\Desktop\SecurityCheck.exe 2014-08-06 19:37 - 2014-08-06 19:37 - 02347384 _____ (ESET) C:\Users\Arthur\Downloads\esetsmartinstaller_deu (1).exe 2014-08-06 19:37 - 2014-08-06 19:37 - 02347384 _____ (ESET) C:\Users\Arthur\Desktop\esetsmartinstaller_deu (1).exe 2014-08-06 12:50 - 2014-08-06 12:50 - 00049041 _____ () C:\Users\Arthur\Desktop\Addition.txt 2014-08-06 12:48 - 2014-08-07 03:29 - 00019553 _____ () C:\Users\Arthur\Desktop\FRST.txt 2014-08-06 12:46 - 2014-08-06 12:46 - 00005089 _____ () C:\Users\Arthur\Desktop\MBAM Suchverlauf.txt 2014-08-06 12:37 - 2014-08-06 12:37 - 09807534 _____ () C:\Users\Arthur\Downloads\Feyris+Nyan+Mix.rar 2014-08-06 12:22 - 2014-08-06 12:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-06 12:22 - 2014-08-06 12:22 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-06 12:22 - 2014-08-06 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-06 12:22 - 2014-08-06 12:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-06 12:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-06 12:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-06 12:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-06 12:19 - 2014-08-06 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-08-06 12:16 - 2014-08-06 19:31 - 00008868 _____ () C:\Windows\PFRO.log 2014-08-06 12:11 - 2014-08-06 12:11 - 01361309 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.302.exe 2014-08-06 12:11 - 2014-08-06 12:11 - 01361309 _____ () C:\Users\Arthur\Desktop\adwcleaner_3.302.exe 2014-08-06 12:09 - 2014-08-06 12:40 - 00000091 _____ () C:\Users\Arthur\Desktop\youtube.txt 2014-08-06 10:36 - 2014-08-06 10:37 - 00049870 _____ () C:\Users\Arthur\Downloads\Addition.txt 2014-08-06 10:34 - 2014-08-07 03:29 - 00000000 ____D () C:\FRST 2014-08-06 10:34 - 2014-08-06 10:37 - 00057540 _____ () C:\Users\Arthur\Downloads\FRST.txt 2014-08-06 10:34 - 2014-08-06 10:34 - 02094080 _____ (Farbar) C:\Users\Arthur\Desktop\FRST64.exe 2014-08-06 10:15 - 2014-08-06 10:17 - 00011862 _____ () C:\Users\Arthur\Desktop\hijackthis.log 2014-08-06 09:27 - 2014-08-06 09:27 - 00000195 _____ () C:\Users\Arthur\Desktop\redditpost.txt 2014-08-05 11:55 - 2014-08-05 11:55 - 00019164 _____ () C:\Users\Arthur\AppData\Local\recently-used.xbel 2014-08-05 03:56 - 2014-08-05 03:56 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6 (1).rar 2014-08-05 03:41 - 2014-08-05 12:00 - 00000618 _____ () C:\Users\Arthur\Desktop\[box image dinger].txt 2014-08-05 03:33 - 2014-08-05 03:33 - 12067624 _____ () C:\Users\Arthur\Downloads\bestest+evar.rar 2014-08-04 18:31 - 2014-08-04 18:31 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6.rar 2014-08-04 07:38 - 2014-08-04 07:39 - 208775365 _____ () C:\Users\Arthur\Downloads\Approved #5.rar 2014-08-04 07:36 - 2014-08-04 07:38 - 199019790 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #322.rar 2014-08-04 07:35 - 2014-08-04 07:38 - 205572784 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #321.rar 2014-08-02 07:47 - 2014-08-02 07:47 - 23301624 _____ (ArenaNet) C:\Users\Arthur\Downloads\Gw2Setup.exe 2014-08-02 03:40 - 2014-08-02 03:40 - 01010652 _____ () C:\Users\Arthur\Downloads\Clonk-Clonk.rar 2014-08-02 03:16 - 2014-08-02 03:16 - 01726708 _____ () C:\Users\Arthur\Downloads\Red+as+fuck.osk 2014-08-02 02:11 - 2014-08-02 02:11 - 00001399 _____ () C:\Users\Arthur\Desktop\osuTrainer - Verknüpfung.lnk 2014-08-02 00:55 - 2014-08-02 00:55 - 31604446 _____ () C:\Users\Arthur\Downloads\Nara+4.7.zip 2014-08-02 00:55 - 2014-08-02 00:55 - 07135462 _____ () C:\Users\Arthur\Downloads\default.zip 2014-08-01 23:34 - 2014-08-01 23:34 - 00000000 ____D () C:\Users\Arthur\AppData\Local\osuTrainer 2014-08-01 23:33 - 2014-08-02 02:11 - 00000000 ____D () C:\Program Files (x86)\Osu!trainer 2014-08-01 23:32 - 2014-08-01 23:32 - 01277651 _____ () C:\Users\Arthur\Downloads\osuTrainer.zip 2014-07-31 23:48 - 2014-07-31 23:48 - 07694565 _____ () C:\Users\Arthur\Downloads\39043 Nicki Minaj - Super Bass.osz 2014-07-31 06:11 - 2014-07-31 06:11 - 04065865 _____ () C:\Users\Arthur\Downloads\28751 07th Expansion - rog-unlimitation.osz 2014-07-28 23:18 - 2014-07-28 23:18 - 00000219 _____ () C:\Users\Arthur\Desktop\Counter-Strike Global Offensive.url 2014-07-27 20:02 - 2014-07-27 20:03 - 00000000 ____D () C:\Users\Arthur\Documents\BFBC2 2014-07-27 20:01 - 2014-07-27 20:01 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe 2014-07-27 20:00 - 2014-07-27 20:00 - 00018511 _____ () C:\Windows\DirectX.log 2014-07-27 07:58 - 2014-07-27 07:59 - 27377569 _____ () C:\Users\Arthur\Downloads\Syrasu2.rar 2014-07-26 23:39 - 2014-07-26 23:39 - 02239108 _____ () C:\Users\Arthur\Downloads\osuStreamSpeed.jar 2014-07-26 17:31 - 2014-07-26 17:32 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin (2).rar 2014-07-26 17:31 - 2014-07-26 17:32 - 113746536 _____ () C:\Users\Arthur\Downloads\WWWskin (1).rar 2014-07-26 16:28 - 2014-07-26 16:28 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 09791148 _____ () C:\Users\Arthur\Downloads\Skins.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 07241953 _____ () C:\Users\Arthur\Downloads\cptnxn2.rar 2014-07-25 19:57 - 2014-07-25 19:57 - 00024919 _____ () C:\Users\Arthur\Downloads\Scorebar.rar 2014-07-25 01:19 - 2014-07-25 01:31 - 2228035460 _____ () C:\Users\Arthur\Downloads\DLC.rar 2014-07-25 00:36 - 2014-07-25 00:36 - 00002899 _____ () C:\Users\Arthur\Desktop\iw4m - Verknüpfung.lnk 2014-07-25 00:29 - 2014-07-25 00:30 - 1506894037 _____ () C:\Users\Arthur\Downloads\MW2 English Patch.zip 2014-07-25 00:25 - 2014-07-25 00:25 - 00221087 _____ () C:\Users\Arthur\Downloads\Default Style Client UpdaterV3.rar 2014-07-25 00:24 - 2014-07-25 01:43 - 00000000 ____D () C:\Users\Arthur\Documents\RepZIW4M 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\ProgramData\Last.fm 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-07-24 15:32 - 2014-07-24 15:32 - 00000985 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2014-07-24 15:32 - 2014-07-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2014-07-24 15:31 - 2014-08-06 07:57 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Last.fm 2014-07-24 15:31 - 2014-07-24 15:32 - 00000000 ____D () C:\Program Files (x86)\Last.fm 2014-07-24 15:31 - 2014-07-24 15:31 - 14916216 _____ (Last.fm ) C:\Users\Arthur\Downloads\Last.fm-2.1.36.exe 2014-07-24 15:29 - 2014-07-24 15:29 - 00000125 _____ () C:\Users\Arthur\Downloads\playlist.pls 2014-07-24 15:25 - 2014-07-24 15:25 - 00000200 _____ () C:\Users\Arthur\Downloads\listen (1).pls 2014-07-24 15:21 - 2014-07-24 15:21 - 00214688 _____ () C:\Users\Arthur\Downloads\metro_skin_for_aimp3_by_ikorolkov-d4qqujr.rar 2014-07-24 15:05 - 2014-08-06 08:03 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000909 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-07-24 15:03 - 2014-07-24 15:03 - 07771936 _____ (AIMP DevTeam) C:\Users\Arthur\Downloads\aimp_3.55.1355.exe 2014-07-24 03:03 - 2014-07-25 02:28 - 00003030 _____ () C:\Windows\System32\Tasks\RTSS 2014-07-24 02:57 - 2014-08-06 12:17 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-07-24 02:57 - 2014-07-24 02:57 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-07-24 02:56 - 2014-07-25 02:28 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-07-24 02:56 - 2014-07-24 02:56 - 00001090 _____ () C:\Users\Arthur\Desktop\MSI Afterburner.lnk 2014-07-24 02:56 - 2014-07-24 02:56 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-07-24 02:55 - 2014-07-24 02:55 - 29239096 _____ () C:\Users\Arthur\Downloads\MSIAfterburnerSetup301.zip 2014-07-24 02:53 - 2014-07-24 02:53 - 00826192 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\MSI Afterburner - CHIP-Installer.exe 2014-07-23 22:04 - 2014-07-23 22:04 - 00002966 _____ () C:\Users\Arthur\Desktop\BlackOpsMP.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002936 _____ () C:\Users\Arthur\Desktop\BlackOps.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002909 _____ () C:\Users\Arthur\Desktop\repzOps.lnk 2014-07-23 22:03 - 2014-07-23 22:03 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Macromedia 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 __RHD () C:\Users\Arthur\AppData\Roaming\SecuROM 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-07-23 21:08 - 2014-07-23 21:08 - 17089296 _____ (Electronic Arts, Inc.) C:\Users\Arthur\Downloads\OriginThinSetup.exe 2014-07-23 19:10 - 2014-07-23 19:10 - 00001943 _____ () C:\Users\Public\Desktop\Display Pilot.lnk 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Local\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BenQ 2014-07-23 19:09 - 2014-07-23 19:09 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays 2014-07-23 19:09 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\msvcp100.dll 2014-07-23 19:09 - 2011-02-19 00:40 - 00773968 _____ (Microsoft Corporation) C:\Windows\msvcr100.dll 2014-07-23 19:09 - 2009-07-12 00:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\mfcm80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00632656 _____ (Microsoft Corporation) C:\Windows\msvcr80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00554832 _____ (Microsoft Corporation) C:\Windows\msvcp80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00479232 _____ (Microsoft Corporation) C:\Windows\msvcm80.dll 2014-07-23 19:09 - 2009-07-12 00:55 - 00057856 _____ (Microsoft Corporation) C:\Windows\mfcm80u.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 01105920 _____ (Microsoft Corporation) C:\Windows\mfc80.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 01093120 _____ (Microsoft Corporation) C:\Windows\mfc80u.dll 2014-07-23 19:09 - 2009-07-11 19:46 - 00002372 _____ () C:\Windows\Microsoft.VC80.MFC.manifest 2014-07-23 19:09 - 2009-07-11 18:10 - 00097280 _____ (Microsoft Corporation) C:\Windows\atl80.dll 2014-07-23 19:09 - 2009-07-11 18:10 - 00001870 _____ () C:\Windows\Microsoft.VC80.CRT.manifest 2014-07-23 19:09 - 2009-07-11 18:10 - 00000466 _____ () C:\Windows\Microsoft.VC80.ATL.manifest 2014-07-23 19:09 - 2007-04-04 10:30 - 00007432 _____ () C:\Windows\SysWOW64\Machnm32.sys 2014-07-23 19:09 - 2004-08-04 00:56 - 01392671 _____ (Microsoft Corporation) C:\Windows\msvbvm60.dll 2014-07-23 19:09 - 2002-01-05 04:48 - 00974848 _____ (Microsoft Corporation) C:\Windows\mfc70.dll 2014-07-23 19:09 - 2002-01-05 03:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\msvcp70.dll 2014-07-23 19:09 - 2002-01-05 03:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\msvcr70.dll 2014-07-23 19:09 - 2001-06-01 08:26 - 00372736 _____ (Intel Corporation) C:\Windows\ijl15.dll 2014-07-23 19:08 - 2014-07-23 19:08 - 00000000 ____D () C:\Program Files (x86)\BenQ 2014-07-23 19:07 - 2014-07-23 19:07 - 27745611 _____ () C:\Users\Arthur\Downloads\benq_display_pilot-setup.rar 2014-07-23 19:02 - 2014-08-06 19:31 - 00000168 _____ () C:\Windows\setupact.log 2014-07-23 19:02 - 2014-07-23 19:02 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-23 07:19 - 2014-07-23 22:04 - 00000000 ____D () C:\Users\Arthur\Documents\RepZOps 2014-07-23 03:39 - 2014-07-23 03:39 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\ProgramData\Mozilla 2014-07-23 03:36 - 2014-07-23 03:36 - 30063128 _____ (Mozilla) C:\Users\Arthur\Downloads\Firefox Setup 30.0_de.exe 2014-07-22 22:42 - 2014-07-22 23:10 - 00000000 ____D () C:\Users\Arthur\Desktop\Gimp 2014-07-22 22:39 - 2014-07-22 22:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\webkit 2014-07-22 16:53 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Beta 2ns sugoi ! 1 2014-07-22 16:52 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Schlagsounds AKA Tischtennismatch 2014-07-21 19:49 - 2014-08-06 12:19 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-07-15 20:56 - 2014-07-15 20:56 - 00019682 _____ () C:\Users\Arthur\Downloads\OsuLastFm.zip 2014-07-15 17:50 - 2014-07-15 17:52 - 137078872 _____ () C:\Users\Arthur\Downloads\(pro) Players Skin Compendium (Part 1).rar 2014-07-15 07:36 - 2014-07-15 07:36 - 06345434 _____ () C:\Users\Arthur\Downloads\cookie-.rar 2014-07-14 03:55 - 2014-07-14 03:55 - 17013628 _____ () C:\Users\Arthur\Downloads\chocolat+vanilla.rar 2014-07-14 01:16 - 2014-07-14 01:16 - 04562655 _____ () C:\Users\Arthur\Downloads\Hitlerrede.webm 2014-07-14 01:12 - 2014-07-14 01:13 - 207874831 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #361.rar 2014-07-13 17:48 - 2014-07-13 17:48 - 07275566 _____ () C:\Users\Arthur\Downloads\Andrea.rar 2014-07-13 17:12 - 2014-07-13 17:13 - 216063371 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #362.rar 2014-07-13 17:12 - 2014-07-13 17:13 - 210028588 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #363.rar 2014-07-13 01:46 - 2014-07-13 01:47 - 01080480 _____ (Unity Technologies ApS) C:\Users\Arthur\Downloads\UnityWebPlayer (1).exe 2014-07-13 00:19 - 2014-07-13 00:19 - 20495624 _____ () C:\Users\Arthur\Downloads\FunOrange 4.15.2014.rar 2014-07-13 00:12 - 2014-07-13 00:12 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4 (1).rar 2014-07-12 22:40 - 2014-07-12 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2 2014-07-12 22:17 - 2014-07-12 22:17 - 00003180 _____ () C:\Windows\System32\Tasks\{87793036-60BC-4D33-BC8C-69C6E3256169} 2014-07-12 21:57 - 2014-07-12 21:57 - 00836112 _____ (SiriusMT2) C:\Users\Arthur\Downloads\sirius.20.13.rev.installer (1).exe 2014-07-11 20:28 - 2014-07-11 20:28 - 00034332 _____ () C:\Users\Arthur\Downloads\High Precision Cursor by FynnFTW - More Colors.rar 2014-07-11 20:27 - 2014-07-11 20:27 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4.rar 2014-07-11 17:33 - 2014-07-11 17:33 - 00000000 ____D () C:\Users\Public\Documents\sun 2014-07-11 17:31 - 2014-07-11 17:31 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-07-11 17:24 - 2014-07-11 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\OpenOffice - CHIP-Installer.exe 2014-07-10 06:53 - 2014-07-10 06:53 - 00001214 _____ () C:\Users\UpdatusUser\Desktop\AK Cabal Launcher.lnk 2014-07-10 06:52 - 2014-07-10 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arena Knights Cabal Episode 10 2014-07-10 06:36 - 2014-07-14 06:38 - 00000000 ____D () C:\Program Files (x86)\Arena Knights Cabal Episode 10 2014-07-10 06:35 - 2014-07-10 06:36 - 1717330663 _____ (Arena Knights ) C:\Users\Arthur\Downloads\AKCabalEp10.exe 2014-07-10 06:32 - 2014-07-10 06:32 - 01915058 _____ () C:\Users\Arthur\Downloads\TGCabalEP8.torrent 2014-07-09 01:22 - 2014-07-09 01:29 - 00000000 ____D () C:\Users\Arthur\AppData\Local\2K Games 2014-07-09 00:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-09 00:35 - 2014-07-09 00:35 - 01346519 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.214.exe 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\Downloads\Cabal-2 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Temp842aac0f581a708d0ea973e67a58ad18_ 2014-07-09 00:30 - 2014-07-09 00:30 - 01063312 _____ () C:\Users\Arthur\Downloads\Cabal-2-lnstall.exe 2014-07-08 20:19 - 2014-07-08 20:19 - 23673366 _____ () C:\Users\Arthur\Downloads\91214 Lucky Star no Minna - Kumikyoku 'Lucky Star Douga'.osz 2014-07-08 03:06 - 2014-07-08 03:07 - 1137512686 _____ () C:\Users\Arthur\Downloads\wom2_installer_20140512.exe 2014-07-08 02:21 - 2014-07-08 02:58 - 00000000 ____D () C:\Users\Arthur\Documents\dragoon ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-07 03:29 - 2014-08-06 12:48 - 00019553 _____ () C:\Users\Arthur\Desktop\FRST.txt 2014-08-07 03:29 - 2014-08-06 10:34 - 00000000 ____D () C:\FRST 2014-08-07 03:15 - 2014-08-07 03:15 - 00854410 _____ () C:\Users\Arthur\Downloads\SecurityCheck.exe 2014-08-07 03:15 - 2014-08-07 03:15 - 00854410 _____ () C:\Users\Arthur\Desktop\SecurityCheck.exe 2014-08-07 03:12 - 2014-04-19 22:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-07 03:07 - 2014-04-25 08:52 - 00000000 ____D () C:\Program Files (x86)\osu! 2014-08-07 02:39 - 2013-09-20 12:05 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-07 02:36 - 2013-09-20 12:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-07 01:45 - 2013-09-22 19:08 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\TS3Client 2014-08-06 19:44 - 2013-09-20 10:48 - 01388422 _____ () C:\Windows\WindowsUpdate.log 2014-08-06 19:40 - 2009-07-14 06:45 - 00014368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-06 19:40 - 2009-07-14 06:45 - 00014368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-06 19:37 - 2014-08-06 19:37 - 02347384 _____ (ESET) C:\Users\Arthur\Downloads\esetsmartinstaller_deu (1).exe 2014-08-06 19:37 - 2014-08-06 19:37 - 02347384 _____ (ESET) C:\Users\Arthur\Desktop\esetsmartinstaller_deu (1).exe 2014-08-06 19:33 - 2013-10-17 22:04 - 00000000 ____D () C:\Users\Arthur\AppData\Local\LogMeIn Hamachi 2014-08-06 19:32 - 2013-09-20 12:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-06 19:31 - 2014-08-06 12:16 - 00008868 _____ () C:\Windows\PFRO.log 2014-08-06 19:31 - 2014-07-23 19:02 - 00000168 _____ () C:\Windows\setupact.log 2014-08-06 19:31 - 2013-09-22 16:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-08-06 19:31 - 2013-09-20 11:26 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-06 19:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-06 19:27 - 2014-01-02 09:50 - 00000000 ____D () C:\Users\Arthur\AppData\Local\CRE 2014-08-06 12:50 - 2014-08-06 12:50 - 00049041 _____ () C:\Users\Arthur\Desktop\Addition.txt 2014-08-06 12:46 - 2014-08-06 12:46 - 00005089 _____ () C:\Users\Arthur\Desktop\MBAM Suchverlauf.txt 2014-08-06 12:46 - 2014-08-06 12:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-06 12:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas 2014-08-06 12:40 - 2014-08-06 12:09 - 00000091 _____ () C:\Users\Arthur\Desktop\youtube.txt 2014-08-06 12:37 - 2014-08-06 12:37 - 09807534 _____ () C:\Users\Arthur\Downloads\Feyris+Nyan+Mix.rar 2014-08-06 12:26 - 2014-02-01 22:34 - 00002580 _____ () C:\Windows\Sandboxie.ini 2014-08-06 12:22 - 2014-08-06 12:22 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-06 12:22 - 2014-08-06 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-06 12:22 - 2014-08-06 12:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-06 12:22 - 2013-11-17 18:49 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-06 12:19 - 2014-08-06 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-08-06 12:19 - 2014-07-21 19:49 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-08-06 12:19 - 2013-10-20 14:23 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-08-06 12:19 - 2013-09-22 19:06 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client 2014-08-06 12:17 - 2014-07-24 02:57 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-08-06 12:14 - 2014-01-27 01:33 - 00000000 ____D () C:\AdwCleaner 2014-08-06 12:11 - 2014-08-06 12:11 - 01361309 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.302.exe 2014-08-06 12:11 - 2014-08-06 12:11 - 01361309 _____ () C:\Users\Arthur\Desktop\adwcleaner_3.302.exe 2014-08-06 10:37 - 2014-08-06 10:36 - 00049870 _____ () C:\Users\Arthur\Downloads\Addition.txt 2014-08-06 10:37 - 2014-08-06 10:34 - 00057540 _____ () C:\Users\Arthur\Downloads\FRST.txt 2014-08-06 10:34 - 2014-08-06 10:34 - 02094080 _____ (Farbar) C:\Users\Arthur\Desktop\FRST64.exe 2014-08-06 10:17 - 2014-08-06 10:15 - 00011862 _____ () C:\Users\Arthur\Desktop\hijackthis.log 2014-08-06 10:17 - 2014-01-27 01:39 - 00000000 ____D () C:\Users\Arthur\Downloads\backups 2014-08-06 09:27 - 2014-08-06 09:27 - 00000195 _____ () C:\Users\Arthur\Desktop\redditpost.txt 2014-08-06 08:43 - 2014-02-19 01:31 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\vlc 2014-08-06 08:03 - 2014-07-24 15:05 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\AIMP3 2014-08-06 07:57 - 2014-07-24 15:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Last.fm 2014-08-06 01:46 - 2014-02-12 22:47 - 00000000 ____D () C:\ProgramData\Origin 2014-08-06 00:00 - 2013-10-04 17:46 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-08-06 00:00 - 2013-10-04 17:37 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-08-06 00:00 - 2013-10-04 17:37 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-08-05 23:52 - 2014-02-12 22:47 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-05 12:00 - 2014-08-05 03:41 - 00000618 _____ () C:\Users\Arthur\Desktop\[box image dinger].txt 2014-08-05 11:57 - 2014-05-06 21:37 - 00000000 ____D () C:\Users\Arthur\.gimp-2.8 2014-08-05 11:55 - 2014-08-05 11:55 - 00019164 _____ () C:\Users\Arthur\AppData\Local\recently-used.xbel 2014-08-05 11:55 - 2014-05-06 21:57 - 00000000 ____D () C:\Users\Arthur\AppData\Local\gtk-2.0 2014-08-05 08:21 - 2014-04-09 02:56 - 00000000 ____D () C:\Users\Arthur\Desktop\Neuer Ordner 2014-08-05 07:02 - 2013-10-04 17:37 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-05 03:56 - 2014-08-05 03:56 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6 (1).rar 2014-08-05 03:33 - 2014-08-05 03:33 - 12067624 _____ () C:\Users\Arthur\Downloads\bestest+evar.rar 2014-08-04 22:29 - 2014-05-12 21:50 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-08-04 18:31 - 2014-08-04 18:31 - 12875367 _____ () C:\Users\Arthur\Downloads\Escalon+v6.rar 2014-08-04 07:48 - 2014-04-29 00:14 - 00000000 ____D () C:\Users\Arthur\Desktop\Osu 2014-08-04 07:39 - 2014-08-04 07:38 - 208775365 _____ () C:\Users\Arthur\Downloads\Approved #5.rar 2014-08-04 07:38 - 2014-08-04 07:36 - 199019790 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #322.rar 2014-08-04 07:38 - 2014-08-04 07:35 - 205572784 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #321.rar 2014-08-02 10:20 - 2014-01-02 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 2014-08-02 08:14 - 2014-01-02 22:45 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2 2014-08-02 08:13 - 2014-04-22 08:43 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Guild Wars 2 2014-08-02 07:47 - 2014-08-02 07:47 - 23301624 _____ (ArenaNet) C:\Users\Arthur\Downloads\Gw2Setup.exe 2014-08-02 03:40 - 2014-08-02 03:40 - 01010652 _____ () C:\Users\Arthur\Downloads\Clonk-Clonk.rar 2014-08-02 03:16 - 2014-08-02 03:16 - 01726708 _____ () C:\Users\Arthur\Downloads\Red+as+fuck.osk 2014-08-02 02:11 - 2014-08-02 02:11 - 00001399 _____ () C:\Users\Arthur\Desktop\osuTrainer - Verknüpfung.lnk 2014-08-02 02:11 - 2014-08-01 23:33 - 00000000 ____D () C:\Program Files (x86)\Osu!trainer 2014-08-02 00:55 - 2014-08-02 00:55 - 31604446 _____ () C:\Users\Arthur\Downloads\Nara+4.7.zip 2014-08-02 00:55 - 2014-08-02 00:55 - 07135462 _____ () C:\Users\Arthur\Downloads\default.zip 2014-08-01 23:34 - 2014-08-01 23:34 - 00000000 ____D () C:\Users\Arthur\AppData\Local\osuTrainer 2014-08-01 23:32 - 2014-08-01 23:32 - 01277651 _____ () C:\Users\Arthur\Downloads\osuTrainer.zip 2014-07-31 23:48 - 2014-07-31 23:48 - 07694565 _____ () C:\Users\Arthur\Downloads\39043 Nicki Minaj - Super Bass.osz 2014-07-31 06:11 - 2014-07-31 06:11 - 04065865 _____ () C:\Users\Arthur\Downloads\28751 07th Expansion - rog-unlimitation.osz 2014-07-28 23:18 - 2014-07-28 23:18 - 00000219 _____ () C:\Users\Arthur\Desktop\Counter-Strike Global Offensive.url 2014-07-27 22:35 - 2013-10-12 03:20 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-27 20:03 - 2014-07-27 20:02 - 00000000 ____D () C:\Users\Arthur\Documents\BFBC2 2014-07-27 20:02 - 2013-10-04 17:46 - 00000000 ____D () C:\Users\Arthur\AppData\Local\PunkBuster 2014-07-27 20:01 - 2014-07-27 20:01 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe 2014-07-27 20:00 - 2014-07-27 20:00 - 00018511 _____ () C:\Windows\DirectX.log 2014-07-27 07:59 - 2014-07-27 07:58 - 27377569 _____ () C:\Users\Arthur\Downloads\Syrasu2.rar 2014-07-26 23:39 - 2014-07-26 23:39 - 02239108 _____ () C:\Users\Arthur\Downloads\osuStreamSpeed.jar 2014-07-26 17:32 - 2014-07-26 17:31 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin (2).rar 2014-07-26 17:32 - 2014-07-26 17:31 - 113746536 _____ () C:\Users\Arthur\Downloads\WWWskin (1).rar 2014-07-26 16:28 - 2014-07-26 16:28 - 87502847 _____ () C:\Users\Arthur\Downloads\WWWskin.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 09791148 _____ () C:\Users\Arthur\Downloads\Skins.rar 2014-07-25 23:02 - 2014-07-25 23:02 - 07241953 _____ () C:\Users\Arthur\Downloads\cptnxn2.rar 2014-07-25 19:57 - 2014-07-25 19:57 - 00024919 _____ () C:\Users\Arthur\Downloads\Scorebar.rar 2014-07-25 02:28 - 2014-07-24 03:03 - 00003030 _____ () C:\Windows\System32\Tasks\RTSS 2014-07-25 02:28 - 2014-07-24 02:56 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-07-25 01:43 - 2014-07-25 00:24 - 00000000 ____D () C:\Users\Arthur\Documents\RepZIW4M 2014-07-25 01:31 - 2014-07-25 01:19 - 2228035460 _____ () C:\Users\Arthur\Downloads\DLC.rar 2014-07-25 00:36 - 2014-07-25 00:36 - 00002899 _____ () C:\Users\Arthur\Desktop\iw4m - Verknüpfung.lnk 2014-07-25 00:30 - 2014-07-25 00:29 - 1506894037 _____ () C:\Users\Arthur\Downloads\MW2 English Patch.zip 2014-07-25 00:25 - 2014-07-25 00:25 - 00221087 _____ () C:\Users\Arthur\Downloads\Default Style Client UpdaterV3.rar 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\ProgramData\Last.fm 2014-07-24 15:38 - 2014-07-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-07-24 15:32 - 2014-07-24 15:32 - 00000985 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2014-07-24 15:32 - 2014-07-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2014-07-24 15:32 - 2014-07-24 15:31 - 00000000 ____D () C:\Program Files (x86)\Last.fm 2014-07-24 15:31 - 2014-07-24 15:31 - 14916216 _____ (Last.fm ) C:\Users\Arthur\Downloads\Last.fm-2.1.36.exe 2014-07-24 15:29 - 2014-07-24 15:29 - 00000125 _____ () C:\Users\Arthur\Downloads\playlist.pls 2014-07-24 15:25 - 2014-07-24 15:25 - 00000200 _____ () C:\Users\Arthur\Downloads\listen (1).pls 2014-07-24 15:21 - 2014-07-24 15:21 - 00214688 _____ () C:\Users\Arthur\Downloads\metro_skin_for_aimp3_by_ikorolkov-d4qqujr.rar 2014-07-24 15:05 - 2014-07-24 15:05 - 00000909 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-07-24 15:05 - 2014-07-24 15:05 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-07-24 15:03 - 2014-07-24 15:03 - 07771936 _____ (AIMP DevTeam) C:\Users\Arthur\Downloads\aimp_3.55.1355.exe 2014-07-24 03:36 - 2013-09-20 20:28 - 00000000 ____D () C:\Users\Arthur\Documents\My Games 2014-07-24 03:32 - 2014-06-25 23:24 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-07-24 02:58 - 2014-03-15 21:37 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-07-24 02:58 - 2014-03-15 21:37 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-07-24 02:57 - 2014-07-24 02:57 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2014-07-24 02:56 - 2014-07-24 02:56 - 00001090 _____ () C:\Users\Arthur\Desktop\MSI Afterburner.lnk 2014-07-24 02:56 - 2014-07-24 02:56 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-07-24 02:55 - 2014-07-24 02:55 - 29239096 _____ () C:\Users\Arthur\Downloads\MSIAfterburnerSetup301.zip 2014-07-24 02:53 - 2014-07-24 02:53 - 00826192 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\MSI Afterburner - CHIP-Installer.exe 2014-07-23 22:04 - 2014-07-23 22:04 - 00002966 _____ () C:\Users\Arthur\Desktop\BlackOpsMP.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002936 _____ () C:\Users\Arthur\Desktop\BlackOps.lnk 2014-07-23 22:04 - 2014-07-23 22:04 - 00002909 _____ () C:\Users\Arthur\Desktop\repzOps.lnk 2014-07-23 22:04 - 2014-07-23 07:19 - 00000000 ____D () C:\Users\Arthur\Documents\RepZOps 2014-07-23 22:03 - 2014-07-23 22:03 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Macromedia 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 __RHD () C:\Users\Arthur\AppData\Roaming\SecuROM 2014-07-23 21:59 - 2014-07-23 21:59 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-07-23 21:59 - 2013-10-03 15:38 - 00000000 ____D () C:\Users\Arthur\Documents\EA Games 2014-07-23 21:29 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-23 21:13 - 2014-06-13 18:28 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-07-23 21:08 - 2014-07-23 21:08 - 17089296 _____ (Electronic Arts, Inc.) C:\Users\Arthur\Downloads\OriginThinSetup.exe 2014-07-23 19:10 - 2014-07-23 19:10 - 00001943 _____ () C:\Users\Public\Desktop\Display Pilot.lnk 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\Users\Arthur\AppData\Local\DisplayTune 2014-07-23 19:10 - 2014-07-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BenQ 2014-07-23 19:09 - 2014-07-23 19:09 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays 2014-07-23 19:09 - 2013-09-20 11:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-23 19:08 - 2014-07-23 19:08 - 00000000 ____D () C:\Program Files (x86)\BenQ 2014-07-23 19:07 - 2014-07-23 19:07 - 27745611 _____ () C:\Users\Arthur\Downloads\benq_display_pilot-setup.rar 2014-07-23 19:02 - 2014-07-23 19:02 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-23 17:39 - 2014-04-19 23:57 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-23 07:14 - 2014-05-04 18:26 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Activision 2014-07-23 03:39 - 2014-07-23 03:39 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Mozilla 2014-07-23 03:39 - 2014-07-23 03:39 - 00000000 ____D () C:\ProgramData\Mozilla 2014-07-23 03:39 - 2013-10-12 13:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-23 03:36 - 2014-07-23 03:36 - 30063128 _____ (Mozilla) C:\Users\Arthur\Downloads\Firefox Setup 30.0_de.exe 2014-07-23 03:21 - 2014-06-26 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-23 03:20 - 2014-06-26 11:35 - 00000997 _____ () C:\Users\Arthur\Desktop\CCleaner.lnk 2014-07-22 23:10 - 2014-07-22 22:42 - 00000000 ____D () C:\Users\Arthur\Desktop\Gimp 2014-07-22 22:39 - 2014-07-22 22:39 - 00000000 ____D () C:\Users\Arthur\AppData\Local\webkit 2014-07-22 16:53 - 2014-07-22 16:53 - 00000000 ____D () C:\Users\Arthur\Desktop\Beta 2ns sugoi ! 1 2014-07-22 16:53 - 2014-07-22 16:52 - 00000000 ____D () C:\Users\Arthur\Desktop\Schlagsounds AKA Tischtennismatch 2014-07-17 13:19 - 2014-02-25 01:29 - 00000000 ____D () C:\Program Files (x86)\TERA 2014-07-15 20:56 - 2014-07-15 20:56 - 00019682 _____ () C:\Users\Arthur\Downloads\OsuLastFm.zip 2014-07-15 17:52 - 2014-07-15 17:50 - 137078872 _____ () C:\Users\Arthur\Downloads\(pro) Players Skin Compendium (Part 1).rar 2014-07-15 07:36 - 2014-07-15 07:36 - 06345434 _____ () C:\Users\Arthur\Downloads\cookie-.rar 2014-07-14 06:38 - 2014-07-10 06:36 - 00000000 ____D () C:\Program Files (x86)\Arena Knights Cabal Episode 10 2014-07-14 03:55 - 2014-07-14 03:55 - 17013628 _____ () C:\Users\Arthur\Downloads\chocolat+vanilla.rar 2014-07-14 01:17 - 2014-05-15 19:30 - 00000000 ____D () C:\Users\Arthur\Downloads\Screens 2014-07-14 01:16 - 2014-07-14 01:16 - 04562655 _____ () C:\Users\Arthur\Downloads\Hitlerrede.webm 2014-07-14 01:13 - 2014-07-14 01:12 - 207874831 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #361.rar 2014-07-13 17:48 - 2014-07-13 17:48 - 07275566 _____ () C:\Users\Arthur\Downloads\Andrea.rar 2014-07-13 17:13 - 2014-07-13 17:12 - 216063371 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #362.rar 2014-07-13 17:13 - 2014-07-13 17:12 - 210028588 _____ () C:\Users\Arthur\Downloads\Beatmap Pack #363.rar 2014-07-13 01:47 - 2014-07-13 01:46 - 01080480 _____ (Unity Technologies ApS) C:\Users\Arthur\Downloads\UnityWebPlayer (1).exe 2014-07-13 01:47 - 2014-04-04 22:38 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Unity 2014-07-13 00:19 - 2014-07-13 00:19 - 20495624 _____ () C:\Users\Arthur\Downloads\FunOrange 4.15.2014.rar 2014-07-13 00:12 - 2014-07-13 00:12 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4 (1).rar 2014-07-12 22:40 - 2014-07-12 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2 2014-07-12 22:26 - 2013-11-03 23:24 - 00000000 ____D () C:\Sirius MT2 2014-07-12 22:17 - 2014-07-12 22:17 - 00003180 _____ () C:\Windows\System32\Tasks\{87793036-60BC-4D33-BC8C-69C6E3256169} 2014-07-12 22:13 - 2013-11-03 21:22 - 1572305527 _____ (Sirius MT2 ) C:\Users\Arthur\Documents\sirius.20.13.rev.client.exe 2014-07-12 21:57 - 2014-07-12 21:57 - 00836112 _____ (SiriusMT2) C:\Users\Arthur\Downloads\sirius.20.13.rev.installer (1).exe 2014-07-11 20:46 - 2009-07-14 06:45 - 05004720 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-11 20:28 - 2014-07-11 20:28 - 00034332 _____ () C:\Users\Arthur\Downloads\High Precision Cursor by FynnFTW - More Colors.rar 2014-07-11 20:27 - 2014-07-11 20:27 - 07868105 _____ () C:\Users\Arthur\Downloads\FunOrange8.4.rar 2014-07-11 17:48 - 2013-09-20 12:02 - 00094248 _____ () C:\Users\Arthur\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-11 17:33 - 2014-07-11 17:33 - 00000000 ____D () C:\Users\Public\Documents\sun 2014-07-11 17:31 - 2014-07-11 17:31 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-07-11 17:31 - 2014-01-03 08:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-07-11 17:24 - 2014-07-11 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Arthur\Downloads\OpenOffice - CHIP-Installer.exe 2014-07-10 06:53 - 2014-07-10 06:53 - 00001214 _____ () C:\Users\UpdatusUser\Desktop\AK Cabal Launcher.lnk 2014-07-10 06:52 - 2014-07-10 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arena Knights Cabal Episode 10 2014-07-10 06:36 - 2014-07-10 06:35 - 1717330663 _____ (Arena Knights ) C:\Users\Arthur\Downloads\AKCabalEp10.exe 2014-07-10 06:32 - 2014-07-10 06:32 - 01915058 _____ () C:\Users\Arthur\Downloads\TGCabalEP8.torrent 2014-07-09 01:29 - 2014-07-09 01:22 - 00000000 ____D () C:\Users\Arthur\AppData\Local\2K Games 2014-07-09 00:38 - 2013-09-20 10:57 - 00000000 ____D () C:\Users\Arthur 2014-07-09 00:35 - 2014-07-09 00:35 - 01346519 _____ () C:\Users\Arthur\Downloads\adwcleaner_3.214.exe 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\Downloads\Cabal-2 2014-07-09 00:31 - 2014-07-09 00:31 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Temp842aac0f581a708d0ea973e67a58ad18_ 2014-07-09 00:30 - 2014-07-09 00:30 - 01063312 _____ () C:\Users\Arthur\Downloads\Cabal-2-lnstall.exe 2014-07-08 20:19 - 2014-07-08 20:19 - 23673366 _____ () C:\Users\Arthur\Downloads\91214 Lucky Star no Minna - Kumikyoku 'Lucky Star Douga'.osz 2014-07-08 20:12 - 2014-04-29 17:12 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-08 20:12 - 2014-04-19 22:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-08 20:12 - 2014-03-20 01:46 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 20:12 - 2014-03-20 01:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 18:47 - 2014-05-27 06:26 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Ubisoft Game Launcher 2014-07-08 03:07 - 2014-07-08 03:06 - 1137512686 _____ () C:\Users\Arthur\Downloads\wom2_installer_20140512.exe 2014-07-08 02:58 - 2014-07-08 02:21 - 00000000 ____D () C:\Users\Arthur\Documents\dragoon 2014-07-08 02:18 - 2013-11-09 18:12 - 00000000 ____D () C:\ProgramData\Package Cache Files to move or delete: ==================== C:\Users\Arthur\VOCALOID2.dll C:\Users\Arthur\VOCALOID2_Realtime.dll C:\Users\Arthur\VocaloidVSTi.dll Some content of TEMP: ==================== C:\Users\Arthur\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Arthur\AppData\Local\Temp\Gw2.exe C:\Users\Arthur\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-28 04:26 ==================== End Of Log ============================ --- --- --- --- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014 Ran by Arthur at 2014-08-07 03:30:50 Running from C:\Users\Arthur\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 100% Orange Juice (HKLM-x32\...\Steam App 282800) (Version: - Orange_Juice) A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version: - RED DUCK Inc.) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Afterfall InSanity Extended Edition (HKLM-x32\...\Steam App 224420) (Version: - Intoxicate Studios) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam) AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge) AlternativA (HKLM-x32\...\Steam App 33990) (Version: - Centauri Production) altPUG (HKLM-x32\...\{4FC41018-ABBF-47A0-B917-2DA88C04DA7D}) (Version: 1.2 - altPUG LLC) AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.) AMD Fuel (Version: 2012.0504.1554.26509 - Ihr Firmenname) Hidden Archeblade (HKLM-x32\...\Steam App 207230) (Version: - CodeBrush Games) Arena Knights Cabal Episode 10 version 1.0 (HKLM-x32\...\{13D2BCED-7F48-468A-9296-3FB1150A7CDD}_is1) (Version: 1.0 - Arena Knights) Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version: - Bohemia Interactive) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology) Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer) Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version: - X-Legend) AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version: - ) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software) Battlefield 2 (HKLM-x32\...\Steam App 24860) (Version: - DICE) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch) Catalyst Control Center (x32 Version: 2012.0504.1554.26509 - Ihr Firmenname) Hidden Catalyst Control Center InstallProxy (x32 Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version: - EA Los Angeles) Corel Painter 12 - IPM (Version: 12.4 - Corel Corporation) Hidden Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Croixleur Sigma (HKLM-x32\...\Steam App 250640) (Version: - souvenir circ.) Dark Souls 2 (HKLM-x32\...\RGFya1NvdWxzMg==_is1) (Version: 1 - ) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc) DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) DayZ Commander (HKLM-x32\...\{99C28455-E285-4639-B4C6-9F747C0C3D4C}) (Version: 0.92.90 - Dotjosh Studios) Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.11.002 - Portrait Displays, Inc.) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) eXceed 3rd - Jade Penetrate Black Package (HKLM-x32\...\Steam App 207400) (Version: - Tennen-sozai) Gameforge Live 2.0.2 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.2 - Gameforge) GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) GundeadliGne (HKLM-x32\...\Steam App 92220) (Version: - Platine Dispositif) Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games) IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) KAMI (HKLM-x32\...\Steam App 272040) (Version: - State of Play Games) Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version: - Hanako Games) Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro) Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (DEU) (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Mitsurugi Kamui Hikae (HKLM-x32\...\Steam App 263620) (Version: - Zenith Blue) Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) NEOTOKYO° (HKLM-x32\...\Steam App 244630) (Version: - STUDIO RADI-8) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming) NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.902 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy) Painter 12 - Content (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Core (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Corex64 (Version: 12.4 - Corel Corporation) Hidden Painter 12 - DE (Version: 12.4 - Corel Corporation) Hidden Painter 12 - EN (Version: 12.4 - Corel Corporation) Hidden Painter 12 - FR (Version: 12.4 - Corel Corporation) Hidden Painter 12 - IT (Version: 12.4 - Corel Corporation) Hidden Painter 12 - Setup Files (Version: 12.4 - Corel Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Pivot Pro Plugin (x32 Version: 9.61.004 - Portrait Displays, Inc.) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 5.7 - Power Software Ltd) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Q.U.B.E: Director's Cut (HKLM-x32\...\Steam App 239430) (Version: - Toxic Games) Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6487 - Realtek Semiconductor Corp.) RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds) Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive) RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder) Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC) Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version: - DPad Studios) SDK (x32 Version: 2.40.007 - Portrait Displays, Inc.) Hidden Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Space Hack (HKLM-x32\...\Steam App 315260) (Version: - Rebelmind) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steins;Gate version 1.0 (HKLM\...\{2A05A52B-BDD8-4FD5-A65A-687CB10D98DF}_is1) (Version: 1.0 - JAST USA) Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh) Takedown: Red Sabre (HKLM-x32\...\Steam App 236510) (Version: - Serellan LLC) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games) Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore) Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto) TrackMania² Canyon (HKLM-x32\...\Steam App 228760) (Version: - Nadeo) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) TrackMania² Valley (HKLM-x32\...\Steam App 243360) (Version: - Nadeo) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision) Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden Vanguard Princess (HKLM-x32\...\Steam App 262150) (Version: - Tomoaki Sugeno) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VVVVVV (HKLM-x32\...\Steam App 70300) (Version: - Terry Cavanagh) Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) Window On Top version 3.8 (HKCU\...\{7F2C28D2-EE31-49A5-94F2-67285DAE372B}_is1) (Version: 3.8 - Skybn Software) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 06-08-2014 03:35:09 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-08-06 10:17 - 00000809 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05D8B960-D139-468A-BE4C-7B7FEB377383} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.) Task: {2D9ECFD7-D91F-4799-B2DC-9C92C450438B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-25] (AVAST Software) Task: {44FEF404-4360-42DC-B6E2-D5F49A8D7701} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.) Task: {76F23228-68F2-45B0-A716-AB3257B3B6B2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {9788D847-1B07-4F98-866C-EC7E8AE3A945} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2014-06-05] () Task: {AE68021E-B918-45BC-89F3-B31020938B78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {D127D84C-9C8C-49B5-B998-227887969A88} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-20 11:26 - 2013-03-15 06:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-06-05 11:41 - 2014-06-05 11:41 - 00399360 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll 2014-07-23 19:09 - 2013-11-12 11:44 - 00274960 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll 2014-05-05 20:12 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2014-06-05 11:41 - 2014-06-05 11:41 - 00188928 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2012-01-10 14:41 - 2014-04-19 23:50 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe 2014-07-23 19:09 - 2013-06-18 12:26 - 00677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe 2014-07-23 19:09 - 2013-06-18 12:26 - 00714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe 2014-06-05 11:40 - 2014-06-05 11:40 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe 2014-06-05 11:41 - 2014-06-05 11:41 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2013-10-04 17:37 - 2014-08-05 07:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-07 03:15 - 2014-08-07 03:15 - 00854410 _____ () C:\Users\Arthur\Desktop\SecurityCheck.exe 2014-08-06 16:45 - 2014-08-06 16:45 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080600\algo.dll 2014-08-06 19:32 - 2014-08-06 19:32 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080601\algo.dll 2014-06-05 11:40 - 2014-06-05 11:40 - 00056320 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2014-06-05 11:40 - 2014-06-05 11:40 - 00127488 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2014-06-05 11:40 - 2014-06-05 11:40 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2014-06-05 11:40 - 2014-06-05 11:40 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2014-06-25 02:03 - 2014-06-25 02:03 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-07-23 19:09 - 2013-11-12 11:44 - 00187920 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll 2014-07-19 00:41 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2013-09-09 10:31 - 2014-08-06 12:19 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll 2013-09-09 10:31 - 2014-08-06 12:19 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll 2013-09-09 10:31 - 2014-08-06 12:19 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2013-09-09 10:31 - 2014-08-06 12:19 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-03-13 17:16 - 2014-03-13 17:16 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2013-03-19 13:10 - 2014-05-13 20:39 - 50284616 _____ () C:\Program Files (x86)\osu!\osu.dll 2014-03-15 11:49 - 2014-07-22 15:37 - 11808840 _____ () C:\Program Files (x86)\osu!\osu!ui.dll 2014-04-08 15:26 - 2014-06-21 17:22 - 16392264 _____ () C:\Program Files (x86)\osu!\osu!gameplay.dll 2014-05-01 02:31 - 2014-08-04 21:19 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll 2014-03-04 16:08 - 2014-08-04 21:19 - 00441856 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll 2013-12-14 04:31 - 2014-08-04 21:19 - 00332288 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2013-09-20 12:05 - 2014-08-04 21:18 - 00769024 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2014-05-01 02:31 - 2014-08-06 04:30 - 02143936 _____ () C:\Program Files (x86)\Steam\video.dll 2014-05-01 02:31 - 2014-08-04 21:19 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll 2014-05-01 02:31 - 2014-07-31 04:51 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll 2013-09-20 15:12 - 2014-08-06 04:29 - 00677056 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-09-20 15:12 - 2014-08-04 21:18 - 34586816 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-07-24 02:53 - 2014-08-04 21:18 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/07/2014 03:11:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/06/2014 07:37:39 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/06/2014 07:37:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/06/2014 07:37:25 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/06/2014 00:55:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c4102 ID des fehlerhaften Prozesses: 0xad0 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (08/06/2014 00:38:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c4102 ID des fehlerhaften Prozesses: 0x6f4 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (08/06/2014 10:43:58 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/06/2014 08:53:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHLWAPI.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ab Ausnahmecode: 0xc000041d Fehleroffset: 0x0000000000013d13 ID des fehlerhaften Prozesses: 0x4940 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/06/2014 08:53:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHLWAPI.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ab Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000013d13 ID des fehlerhaften Prozesses: 0x4940 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/06/2014 08:51:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c4102 ID des fehlerhaften Prozesses: 0xde4 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 System errors: ============= Error: (08/06/2014 07:32:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/06/2014 07:32:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/06/2014 07:32:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD FUEL Service erreicht. Error: (08/06/2014 07:31:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht. Error: (08/06/2014 00:42:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/06/2014 00:19:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (08/06/2014 00:16:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/06/2014 04:40:02 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (08/01/2014 04:58:54 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/27/2014 05:03:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Microsoft Office Sessions: ========================= Error: (08/07/2014 03:11:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (08/06/2014 07:37:39 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arthur\Desktop\esetsmartinstaller_deu (1).exe Error: (08/06/2014 07:37:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arthur\Desktop\esetsmartinstaller_deu (1).exe Error: (08/06/2014 07:37:25 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arthur\Desktop\esetsmartinstaller_deu (1).exe Error: (08/06/2014 00:55:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102ad001cfb16330d8f2a8C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll2effd634-1d58-11e4-bd05-8c89a59cdb65 Error: (08/06/2014 00:38:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c41026f401cfb15f78effab3C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dlld536eb51-1d55-11e4-9d6b-8c89a59cdb65 Error: (08/06/2014 10:43:58 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arthur\Downloads\esetsmartinstaller_deu.exe Error: (08/06/2014 08:53:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4SHLWAPI.dll6.1.7601.175144ce7c9abc000041d0000000000013d13494001cfb142e92a3231C:\Windows\explorer.exeC:\Windows\system32\SHLWAPI.dll670778c7-1d36-11e4-990f-8c89a59cdb65 Error: (08/06/2014 08:53:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4SHLWAPI.dll6.1.7601.175144ce7c9abc00000050000000000013d13494001cfb142e92a3231C:\Windows\explorer.exeC:\Windows\system32\SHLWAPI.dll5b2b41c2-1d36-11e4-990f-8c89a59cdb65 Error: (08/06/2014 08:51:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102de401cfa83fe9335ba0C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll203c7caa-1d36-11e4-990f-8c89a59cdb65 ==================== Memory info =========================== Percentage of memory in use: 64% Total physical RAM: 6114.15 MB Available physical RAM: 2179.35 MB Total Pagefile: 12226.48 MB Available Pagefile: 7828.23 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:83.16 GB) NTFS Drive e: (INTENSO) (Fixed) (Total:931.28 GB) (Free:487.69 GB) FAT32 Drive g: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5B9EA6E7) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 932 GB) (Disk ID: 8AF3720B) Partition 1: (Not Active) - (Size=932 GB) - (Type=0C) ==================== End Of Log ============================ |
07.08.2014, 19:59 | #15 |
/// TB-Ausbilder | Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet. Reste entfernen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start C:\Users\Arthur\Downloads\*CHIP-Installer.exe Reboot: end Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Lösche alle Cracks, Keygens und Hacktools, sonst kommt die Malware schneller zurück als dir lieb ist. Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber. Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Schritt 1 Du verwendest veraltete Software auf deinem Rechner, was ein Sicherheitsrisiko darstellt. Daher solltest du veraltete Software deinstallieren und anschließend die aktuellste Version installieren. Folge dem Pfad Start > Systemsteuerung > Sofware / Programme deinstallieren. Deinstalliere die folgenden Programme von deinem Rechner:
Downloade und installiere dir bitte nun:Starte deinen Rechner nach der Installation neu auf. Schritt 2 Die Reihenfolge ist hier entscheidend.
Schritt 3 Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems. Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti-Viren-Programm und zusätzlicher Schutz
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden. Mozilla Firefox
Performance
Was du vermeiden solltest:
Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |