| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox öffnet bei klicken Werbung & und Programm "lomrdjhy" im HintergrundWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.04.2015, 14:59
| #1 |
| |  Firefox öffnet bei klicken Werbung & und Programm "lomrdjhy" im Hintergrund Guten Tag zusammen, Als ich heute morgen ein bisschen im Internet Explorer gebrowst habe, hat sich andauernd Werbung geöffnet und JavaScript hat sich deaktiviert. Ich habe mich natürlch gewundert und meinen PC neugestartet und als ich dann den IE wieder geöffnet habe, hats ihn total zerschossen. Google sieht ganz komisch aus und ich bin dann auf Firefox umgestiegen. Dort öffnet sich auch Werbung beim Klicken, aber irgendwie wird der Tab sofort wieder geschlossen und kann weiterarbeiten. Ich habe dann einen Scan mit Malwarebytes Anti-Malware gemacht und alles gefundene gelöscht. Außerdem läuft im Hintergrund mehrere Programme namens "lomrdjhy", das auch manchmal im Vordergrund als komplett weißes Fenster da ist. Dann X-e ich das immer weg. Ich hoffe, ihr könnt mir helfen... Wie es in der Anleitung vom Forum steh, hab ich auch einige Logs: Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2015
Ran by Tim² at 2015-04-12 14:33:05
Running from C:\Users\Tim²\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29126 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABC-Schutz-Simulator 1.1 (HKLM-x32\...\{8694B919-8C39-41FB-875E-0FC8E3EE3216}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
aerosoft's - Berlin-Wittenberg (HKLM-x32\...\{04D946B3-0B81-41A4-A793-B59000EAEAA8}) (Version: 1.00 - aerosoft)
aerosoft's - Berlin-Wittenberg (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\{04D946B3-0B81-41A4-A793-B59000EAEAA8}) (Version: 1.00 - aerosoft)
aerosoft's - Koeln-Duesseldorf (HKLM-x32\...\{D2379705-565A-40AB-B2F6-5CD70D599AE2}) (Version: 1.01 - aerosoft)
aerosoft's - OMSI 2 - Addon Wien (HKLM-x32\...\{FFAB9F9B-C38C-4FC2-A1EC-1099D2832D18}) (Version: 1.10 - aerosoft)
aerosoft's - OMSI 2 - Drei Generationen (HKLM-x32\...\{C88376AA-BF64-40F4-9AD6-F8A18DA394F2}) (Version: 1.10 - aerosoft)
aerosoft's - OMSI 2 - Hamburg (HKLM-x32\...\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}) (Version: 2.02 - aerosoft)
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aiseesoft AVCHD Video Konverter 6.2.16 (HKLM-x32\...\{160B528D-725A-45d3-B98B-53ADA7E118AF}_is1) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{00957033-C081-5235-665A-A014A6E2FF7B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Audio Recorder Pro 3.70 (HKLM-x32\...\Audio Recorder Pro_is1) (Version: - )
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.3.674 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield Heroes (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Battlestations: Midway (HKLM-x32\...\{6BC0CDD6-E0C2-434D-9365-23E79E42DA95}) (Version: 1.00.0000 - Ihr Firmenname)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Blue Byte Game Channel (HKLM-x32\...\Blue Byte Game Channel) (Version: - UbiSoft)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
Car Mechanic Simulator 2014 Demo (HKLM-x32\...\Steam App 277990) (Version: - Red Dot Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
ClearSkinFX for Digital Cameras (HKLM-x32\...\ClearSkinFX for Digital Cameras_is1) (Version: - )
Clone Wars (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\SOE-Clone Wars) (Version: - Sony Online Entertainment)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH)
Contents (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel VideoStudio Pro X5 (HKLM-x32\...\_{1A1BD41E-9854-4957-8959-F9559A8862A7}) (Version: 15.0.0.258 - Corel Corporation)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Demolition Company Gold (HKLM-x32\...\DemolitionCompanyDE_is1) (Version: - GIANTS Software)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
diclovit's mod pack 9.6.1 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.6.1 - diclovit)
Die Polizei 2013 (HKLM-x32\...\Die Polizei 2013) (Version: - Quadriga Games)
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version: - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
DJ_AIO_NS_LP_DocCD (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
eazyzoom (HKLM-x32\...\{08E284AA-B39A-4027-889B-B68E370EA20C}) (Version: 1.1.0.30 - eazyzoom)
Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - )
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.0.2 - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.0.9 Alpha R3 (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.0.9 Alpha R3 - ETS2MP Team)
F2100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
F2100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Fahrzeit Vol.7 'Spätschicht' (HKLM-x32\...\C8AE2E19-F404-4A20-9590-4DFCB959692E_is1) (Version: 1.0 - 3DZUG)
Feuer- und Notfallsimulation Wegberg Version 6.0 (HKLM-x32\...\{Wegberg-Modifikation-6-0}_is1) (Version: 6.0 - Marco H.)
Feuerwehr-Simulator 2010 (HKLM-x32\...\FFsim) (Version: - )
Firefighters 2014 (HKLM-x32\...\Steam App 291910) (Version: - VIS - Visual Imagination Software)
Flughafen-Feuerwehr-Simulator 2013 Version 1.0 (HKLM-x32\...\{86D596F4-CB90-4F4B-B752-8A55D0C62664}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube Download Manager (HKLM-x32\...\{0f2d7150-ef69-406d-abd8-3d6627a6031c}) (Version: 1.0.0.4 - Freetec)
Free YouTube Download Manager (x32 Version: 1.0.0.4 - Freetec) Hidden
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gameforge Live 1.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.1.1724 - Gameforge)
GIANTS Editor 4.1.9 (HKLM-x32\...\giants_editor_4.1.9_is1) (Version: 4.1.9 - GIANTS Software GmbH)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Green Line 3 Sprachtrainer (HKLM-x32\...\{EE6F9172-D644-4C45-9892-2F22AF49F88C}) (Version: 1.00.000 - Klett)
Handset WinDriver 1.02.02.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.02.00 - Huawei technologies Co., Ltd.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
ICA (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
IPM_VS_Pro (x32 Version: 15.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Kehrmaschinen-Simulator 2011 (HKLM-x32\...\Kehrmaschinen-Simulator 2011_is1) (Version: - astragon)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.56 (HKLM\...\Logitech Gaming Software) (Version: 8.56.109 - Logitech Inc.)
LONDON CITY AIRPORT (HKLM-x32\...\LONDON CITY AIRPORT FSX Accelaration pack/sp2) (Version: FSX Accelaration pack/sp2 - )
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Man Lion's City 2.10 (HKLM-x32\...\Man Lion's City 2.10) (Version: - )
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - )
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Combat Flight Simulator 2 (HKLM-x32\...\Combat Flight Simulator 2.0) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.62608.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62608.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version: - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.00.705 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
Next Car Game Free Technology Demo (HKLM-x32\...\Next Car Game Free Technology Demo) (Version: - Bugbear Entertainment)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version: - Gameforge 4D GmbH)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OMSI - Der Omnibussimulator (HKLM-x32\...\{9AE850A4-B89D-4875-A159-B1B64D717EFB}) (Version: 1.04 - aerosoft)
OMSI 2 (HKLM-x32\...\Steam App 252530) (Version: - MR-Software GbR)
OMSI Addon Manager Version 1.2.4 (HKLM-x32\...\{32B08666-1587-435D-988C-7958A04B218A}_is1) (Version: 1.2.4 - Jan Kiesewalter)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoFiltre 7 (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\PhotoFiltre 7) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pluspack Nürnberg-Saalfeld (HKLM-x32\...\{044E5F9A-EDAC-45EE-9471-340965CF8AA6}) (Version: 1.0 - vizzart)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PriceFountain (remove only) (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\PriceFountain) (Version: 1.0.8.6 - Price Fountain) <==== ATTENTION!
Professional Farmer 2014 Demo (HKLM-x32\...\Steam App 264930) (Version: - PlayWay S.A.)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
ProTrain Perfect 2 - Aufgabenfix - (HKLM-x32\...\{0E3DB576-9B7D-43FA-9F4B-D09A86899DAB}) (Version: 1.0.1 - Blue Sky Interactive)
ProTrain Perfect 2 - Nürnberg - Saalfeld - (HKLM-x32\...\{1FE4482C-E7EC-4A88-B3EE-AC13054E789E}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Streckenupdate - (HKLM-x32\...\{9547B52A-58E0-4AB5-B159-506728C5404B}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 (HKLM-x32\...\AuranTS2009_ptp2_is1) (Version: - Auran)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
QuickShare (HKLM-x32\...\{CC1C2EE8-8E03-4D79-9758-C208D4438A3E}) (Version: 1.146.60.12450 - Linkury Inc.) <==== ATTENTION
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Railtraction BR 648 Coradia Lint41 (HKLM-x32\...\{6DB7926B-7DBB-438E-8D66-6CCCC25F0C25}) (Version: 1.0.2 - Railtraction)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.3.25.0 - Razer Inc.)
Real Heroes Firefighter (HKLM-x32\...\Real Heroes - Firefighter_is1) (Version: - rondomedia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
RESCUE 2013 (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\RESCUE 2013) (Version: 1.00.00.00 - rondomedia GmbH)
RESCUE 2013 DEMO (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\RESCUE 2013 DEMO) (Version: 1.00.00.00 - rondomedia GmbH)
Rettungswagen Simulator 2012 (HKLM-x32\...\Rettungswagen Simulator 2012) (Version: - )
Rettungswagen Simulator 2014 (HKLM-x32\...\Rettungswagen Simulator 2014) (Version: 1.0 - Z-Software GmbH)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
RoadRider 0.1.5.9.4 (HKLM-x32\...\{2653CE3E-058A-4DCE-8116-2A9643A83099}) (Version: - Tyroonis)
RTS Wegberg Version 2.0 (HKLM-x32\...\{RTS-Wegberg-2-0}_is1) (Version: 2.0 - Marco H.)
Sandboxie 3.76 (64-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Setup (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Share (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Share64 (Version: 15.0.0.258 - Corel Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.2.0 - Ubisoft)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Ski Region Simulator (HKLM-x32\...\Steam App 270950) (Version: - Giants Software)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SpinTires Tech Demo (June 060613) (HKLM-x32\...\{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}) (Version: 1.3 - Oovee)
Sprachtrainer Fonts (HKLM-x32\...\{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}) (Version: 1.00.01 - Ernst Klett Verlag GmbH)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: - )
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
Super Mario 3 Editable (HKLM-x32\...\Super Mario 3 Editable) (Version: - )
Super Mario Bros. X version 1.3 (HKLM-x32\...\{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1) (Version: 1.3 - SuperMarioBrothers.org)
SweetIM Bundle by SweetPacks (HKLM-x32\...\SweetIM Bundle by SweetPacks) (Version: 1.0.0.0 - SweetPacks LTD) <==== ATTENTION
TaD Premium Pack II (DEMO) (HKLM-x32\...\TaD Premium Pack II (DEMO)) (Version: - )
TeamSpeak 3 Client (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Train Simulator 2014 (HKLM-x32\...\Steam App 24010) (Version: - RailSimulator.com)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for PriceFountain (HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATTENTION
VAFS5 (HKLM-x32\...\309E6243-31FB-434E-9FF5-9AFEB1542DAD) (Version: 5.1.1.20 - VAFINANCIALS)
Vegas Pro 11.0 (64-bit) (HKLM\...\{7E3B2D0F-029B-11E2-BD68-F04DA23A5C58}) (Version: 11.0.701 - Sony)
Versystem Soundboard (HKLM-x32\...\VersystemSoundboard) (Version: - )
vi-view uninstall (HKLM-x32\...\vi-view uninstall) (Version: - vi-view) <==== ATTENTION
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
VSClassic (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
VSHelp (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
VSPro (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Werkfeuerwehr-Simulator 2014 Version 1.0 (HKLM-x32\...\{A98167B4-4E26-4DA4-A57C-74A3ED3C845D}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xilisoft HD Video Converter (HKLM-x32\...\Xilisoft HD Video Converter) (Version: 7.8.6.20150206 - Xilisoft)
XMedia Recode Version 3.1.7.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.7.4 - XMedia Recode)
XTab (HKLM-x32\...\XTab) (Version: 4.0.2.1615 - XTab system) <==== ATTENTION
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job =>
Task: C:\WINDOWS\Tasks\Price Fountain.job =>
==================== Loaded Modules (whitelisted) ==============
2015-04-12 10:05 - 2015-04-12 10:05 - 01149440 _____ () C:\ProgramData\eazyzoom\1.1.0.30\lomr6jhy.dll
2015-04-12 10:06 - 2015-04-12 10:06 - 00449024 _____ () C:\ProgramData\eazyzoom\1.1.0.30\lomrdjhy.exe
2015-04-12 10:06 - 2015-04-12 10:06 - 00245760 _____ () C:\ProgramData\eazyzoom\1.1.0.30\lomr3jhy.exe
2015-04-12 10:05 - 2015-04-12 10:05 - 00561152 _____ () C:\ProgramData\eazyzoom\1.1.0.30\lomr6jhy.exe
2014-09-16 23:02 - 2014-09-16 23:02 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-09-16 23:02 - 2014-09-16 23:02 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-16 23:02 - 2014-09-16 23:02 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-09-16 23:02 - 2014-09-16 23:02 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgR119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgR119.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2194363954-2173886408-846520025-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim²\Pictures\DSCN1115.JPG
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "GameforgeLive"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\StartupApproved\Run: => "Cauryferi"
HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\StartupApproved\Run: => "pricefountainw.exe"
HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\StartupApproved\Run: => "Skype"
==================== Accounts: =============================
Administrator (S-1-5-21-2194363954-2173886408-846520025-500 - Administrator - Disabled)
******* (S-1-5-21-2194363954-2173886408-846520025-1005 - Limited - Enabled) => C:\Users\*******
Gast (S-1-5-21-2194363954-2173886408-846520025-501 - Limited - Disabled)
Hio (S-1-5-21-2194363954-2173886408-846520025-1007 - Administrator - Enabled) => C:\Users\Hio
Michi (S-1-5-21-2194363954-2173886408-846520025-1008 - Limited - Enabled) => C:\Users\Michi
Tim (S-1-5-21-2194363954-2173886408-846520025-1002 - Limited - Enabled) => C:\Users\Tim
Tim² (S-1-5-21-2194363954-2173886408-846520025-1006 - Limited - Enabled) => C:\Users\Tim²
==================== Faulty Device Manager Devices =============
Name: VMLite Host-Only Ethernet Adapter
Description: VMLite Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMLite Inc.
Service: VBoxNetAdp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/12/2015 00:57:12 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (04/12/2015 00:30:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm lomrdjhy.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 78c
Startzeit: 01d0750752e5c917
Endzeit: 4294967295
Anwendungspfad: C:\ProgramData\eazyzoom\1.1.0.30\lomrdjhy.exe
Berichts-ID: ea69138f-e0fe-11e4-82f3-d8cb8a19534b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/12/2015 11:58:59 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (04/12/2015 11:39:24 AM) (Source: MsiInstaller) (EventID: 11309) (User: Tims-Pc)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.
Error: (04/12/2015 11:00:17 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (04/11/2015 07:19:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (04/11/2015 07:19:25 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler4
Error: (04/11/2015 07:19:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (04/11/2015 07:19:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (04/11/2015 07:19:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
System errors:
=============
Error: (04/12/2015 01:37:57 PM) (Source: DCOM) (EventID: 10010) (User: Tims-Pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (04/12/2015 01:37:27 PM) (Source: DCOM) (EventID: 10010) (User: Tims-Pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (04/12/2015 00:57:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tammgF119 service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/12/2015 00:57:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (04/12/2015 00:55:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/12/2015 00:55:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.
Error: (04/12/2015 00:55:42 PM) (Source: SbieSvc) (EventID: 9153) (User: )
Description: SBIE9153 Treiber kann nicht gestartet werden (SbieDrv)
Error: (04/12/2015 00:55:37 PM) (Source: SbieDrv) (EventID: 1103) (User: )
Description: SBIE1103 Sandboxie-Treiber (SbieDrv) version 3.76 konnte nicht gestartet werden
Error: (04/12/2015 00:55:37 PM) (Source: SbieDrv) (EventID: 1105) (User: )
Description: SBIE1105 Unbekannte Betriebssystem-Version: 6.3
Error: (04/12/2015 11:59:32 AM) (Source: SbieSvc) (EventID: 9153) (User: )
Description: SBIE9153 Treiber kann nicht gestartet werden (SbieDrv)
Microsoft Office Sessions:
=========================
Error: (04/12/2015 00:57:12 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (04/12/2015 00:30:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: lomrdjhy.exe0.0.0.078c01d0750752e5c9174294967295C:\ProgramData\eazyzoom\1.1.0.30\lomrdjhy.exeea69138f-e0fe-11e4-82f3-d8cb8a19534b
Error: (04/12/2015 11:58:59 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (04/12/2015 11:39:24 AM) (Source: MsiInstaller) (EventID: 11309) (User: Tims-Pc)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/12/2015 11:00:17 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (04/11/2015 07:19:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (04/11/2015 07:19:25 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler4
Error: (04/11/2015 07:19:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (04/11/2015 07:19:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (04/11/2015 07:19:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 31%
Total physical RAM: 8127.9 MB
Available physical RAM: 5592.64 MB
Total Pagefile: 9407.9 MB
Available Pagefile: 6099.48 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:869.36 GB) (Free:387.71 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.97 GB) NTFS
Drive h: () (Removable) (Total:15.02 GB) (Free:2.45 GB) FAT32
==================== MBR & Partition Table ==================
==================== End Of Log ============================
defogger_disable Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:31 on 12/04/2015 (Hio)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
|
|
12.04.2015, 15:02
| #2 |
| | Firefox öffnet bei klicken Werbung & und Programm "lomrdjhy" im Hintergrund FRST
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-04-2015 Ran by Tim² (ATTENTION: The logged in user is not administrator) on TIMS-PC on 12-04-2015 14:32:17 Running from C:\Users\Tim²\Downloads Loaded Profiles: Tim & ******* & Tim² & Hio & Michi (Available profiles: Tim & ****** & Tim² & Hio & Michi) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) Failed to access process -> smss.exe Failed to access process -> csrss.exe Failed to access process -> csrss.exe Failed to access process -> wininit.exe Failed to access process -> winlogon.exe Failed to access process -> services.exe Failed to access process -> lsass.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> dwm.exe Failed to access process -> atiesrxx.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> atieclxx.exe Failed to access process -> svchost.exe Failed to access process -> spoolsv.exe Failed to access process -> svchost.exe Failed to access process -> armsvc.exe Failed to access process -> avp.exe Failed to access process -> mDNSResponder.exe Failed to access process -> HD-LogRotatorService.exe Failed to access process -> HD-UpdaterService.exe Failed to access process -> CLMSMonitorService.exe Failed to access process -> CLMSServer.exe Failed to access process -> svchost.exe Failed to access process -> dasHost.exe Failed to access process -> lomrajhy.exe Failed to access process -> ouc.exe Failed to access process -> svchost.exe Failed to access process -> lomrwjhy.exe Failed to access process -> svchost.exe Failed to access process -> PnkBstrA.exe Failed to access process -> PsiService_2.exe Failed to access process -> GameScannerService.exe Failed to access process -> RichVideo64.exe Failed to access process -> RzKLService.exe Failed to access process -> svchost.exe Failed to access process -> TeamViewer_Service.exe Failed to access process -> VMLiteService.exe Failed to access process -> WmiPrvSE.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> WUDFHost.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Microsoft Corporation) C:\Windows\System32\WpcMon.exe Failed to access process -> SearchIndexer.exe () C:\ProgramData\eazyzoom\1.1.0.30\lomrdjhy.exe () C:\ProgramData\eazyzoom\1.1.0.30\lomr3jhy.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\ProgramData\eazyzoom\1.1.0.30\lomr6jhy.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe Failed to access process -> OriginClientService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe Failed to access process -> PnkBstrB.exe Failed to access process -> SeaPort.EXE (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe Failed to access process -> SearchProtocolHost.exe Failed to access process -> SearchFilterHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [11877656 2014-09-16] (Logitech Inc.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [GameforgeLive] => C:\Program Files (x86)\GameforgeLive\gfl_client.exe [3034496 2014-08-07] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-01-26] (Razer Inc.) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-03-17] (Malwarebytes Corporation) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\Run: [uTorrent] => C:\Users\Tim²\AppData\Roaming\uTorrent\uTorrent.exe [1051984 2013-02-20] (BitTorrent Inc.) HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [765200 2012-12-16] (SANDBOXIE L.T.D) HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2889408 2015-04-09] (Valve Corporation) HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.) HKU\S-1-5-21-2194363954-2173886408-846520025-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim²\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim²\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim²\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim²\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim²\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim²\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim²\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim²\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) GroupPolicyUsers\S-1-5-21-2194363954-2173886408-846520025-1006\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG&q={searchTerms} HKU\S-1-5-21-2194363954-2173886408-846520025-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-2194363954-2173886408-846520025-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com HKU\S-1-5-21-2194363954-2173886408-846520025-1006\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://visualbee.delta-search.com/?affID=121376&tt=gc_&babsrc=HP_ss&mntrId=1463D43D7E2F485C URLSearchHook: [S-1-5-21-2194363954-2173886408-846520025-1002] ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: [S-1-5-21-2194363954-2173886408-846520025-1005] ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: [S-1-5-21-2194363954-2173886408-846520025-1007] ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: [S-1-5-21-2194363954-2173886408-846520025-1008] ATTENTION ==> Default URLSearchHook is missing. SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG&q={searchTerms} SearchScopes: HKU\S-1-5-21-2194363954-2173886408-846520025-1006 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKU\S-1-5-21-2194363954-2173886408-846520025-1006 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420388967&from=cor&uid=ST1000DM003-9YN162_Z1D33NAGXXXXZ1D33NAG&q={searchTerms} BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-22] (Oracle Corporation) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-22] (Oracle Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08] (Adblock Plus) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08] (Adblock Plus) Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Tim²\AppData\Roaming\Mozilla\Firefox\Profiles\9ouh5dex.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-22] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-01-31] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-09] () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-09] () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-09] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-03-02] (Pando Networks) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-04-12] (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-04-12] (globalUpdate) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2194363954-2173886408-846520025-1006: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Tim²\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2012-03-19] () FF Plugin HKU\S-1-5-21-2194363954-2173886408-846520025-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tim²\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2194363954-2173886408-846520025-1006: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-04-21] (Ubisoft) FF user.js: detected! => C:\Users\Tim²\AppData\Roaming\Mozilla\Firefox\Profiles\9ouh5dex.default\user.js [2014-09-07] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vi-view.xml [2015-01-04] FF Extension: EazyZoom - C:\Users\Tim²\AppData\Roaming\Mozilla\Firefox\Profiles\9ouh5dex.default\Extensions\do@cireleg.com [2015-04-12] FF Extension: WEB.DE MailCheck - C:\Users\Tim²\AppData\Roaming\Mozilla\Firefox\Profiles\9ouh5dex.default\Extensions\toolbar@web.de [2015-04-12] FF Extension: Adblock Plus - C:\Users\Tim²\AppData\Roaming\Mozilla\Firefox\Profiles\9ouh5dex.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-07] FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-04-12] FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-08-31] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-08-31] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-08-31] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-08-31] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-08-31] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Hio\AppData\Roaming\Mozilla\Firefox\Profiles\8csep4al.default\extensions\faststartff@gmail.com Chrome: ======= CHR Profile: C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-24] CHR Extension: (Google Docs) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-24] CHR Extension: (Google Drive) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-24] CHR Extension: (YouTube) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-24] CHR Extension: (Adblock Plus) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-02] CHR Extension: (Google Search) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-24] CHR Extension: (Kaspersky Protection) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-01-24] CHR Extension: (Google Sheets) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-24] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Google Wallet) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-24] CHR Extension: (Gmail) - C:\Users\Tim²\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-24] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation) R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink) R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink) S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-12-03] (Macrovision Europe Ltd.) [File not signed] S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-04-12] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-04-12] (globalUpdate) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 judkabpirw; C:\ProgramData\eazyzoom\1.1.0.30\lomrajhy.exe [586224 2015-04-12] () R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-11-21] (Microsoft Corporation) R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2014-07-27] () R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-11-21] (Microsoft Corporation) R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-11-21] (Microsoft Corporation) R2 nsi; C:\Windows\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation) R2 nuqchxi; C:\ProgramData\eazyzoom\1.1.0.30\lomrwjhy.exe [250352 2015-04-12] () R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-04-01] () R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [348672 2015-04-12] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186560 2015-01-31] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-01-26] (Razer Inc.) S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D) S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2014-04-09] () [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH) R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-03-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-31] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-06-10] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider) R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2014-10-09] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2014-10-09] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-06-10] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [136408 2015-04-12] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation ) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-01-31] (Razer, Inc.) S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D) R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.) S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.) R3 VBoxNetFlt; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.) R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.) R3 vmlitestor; C:\Windows\system32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.) R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-31] (Microsoft Corporation) R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-11-21] (Microsoft Corporation) S1 tammgF119; \??\C:\WINDOWS\system32\Drivers\tammgF119.sys [X] S1 tammgR119; \??\C:\WINDOWS\system32\Drivers\tammgR119.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-12 14:32 - 2015-04-12 14:32 - 00033037 _____ () C:\Users\Tim²\Downloads\FRST.txt 2015-04-12 14:32 - 2015-04-12 14:32 - 00000000 ____D () C:\FRST 2015-04-12 14:31 - 2015-04-12 14:32 - 02095616 _____ (Farbar) C:\Users\Tim²\Downloads\FRST64.exe 2015-04-12 14:31 - 2015-04-12 14:31 - 00000468 _____ () C:\Users\Tim²\Downloads\defogger_disable.log 2015-04-12 14:30 - 2015-04-12 14:30 - 00050477 _____ () C:\Users\Tim²\Downloads\Defogger.exe 2015-04-12 12:33 - 2015-04-12 12:35 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-04-12 12:33 - 2015-04-12 12:33 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-04-12 12:33 - 2015-04-12 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-04-12 12:33 - 2015-04-12 12:33 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-04-12 12:33 - 2015-04-12 12:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-04-12 12:33 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-04-12 12:33 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-04-12 12:33 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-04-12 12:32 - 2015-04-12 12:32 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck 2015-04-12 11:39 - 2015-04-12 12:57 - 00000970 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-04-12 11:39 - 2015-04-12 11:57 - 00000974 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-04-12 11:39 - 2015-04-12 11:39 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2015-04-12 11:35 - 2015-04-12 11:35 - 00002320 _____ () C:\WINDOWS\patsearch.bin 2015-04-12 11:35 - 2015-04-12 11:35 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf 2015-04-12 11:34 - 2015-04-12 11:34 - 00000000 ____D () C:\ProgramData\eazyzoom 2015-04-10 20:24 - 2015-04-10 20:27 - 31344869 _____ () C:\Users\Tim²\Downloads\BR 648 Nord-Pack 1.1.zip 2015-04-10 18:44 - 2015-04-10 18:44 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Railtraction 2015-04-10 18:37 - 2015-04-10 18:43 - 85608221 _____ () C:\Users\Tim²\Downloads\br648.zip 2015-04-02 19:02 - 2015-04-02 19:09 - 00000000 ____D () C:\FSX 2015-04-02 19:00 - 2015-04-02 19:03 - 39770178 _____ () C:\Users\Tim²\Downloads\ivap-v2.0.2-b2773.zip 2015-04-02 17:25 - 2015-04-02 17:25 - 00117312 _____ (Gibson Research Corp.) C:\Users\Hio\Downloads\securable.exe 2015-04-02 17:11 - 2010-08-18 12:30 - 00135272 _____ (VMLite, Inc.) C:\WINDOWS\system32\Drivers\vmliteusbmon.sys 2015-04-02 16:39 - 2015-04-02 16:39 - 00000000 ____D () C:\Users\Tim²\VMLites 2015-04-02 16:39 - 2015-04-02 16:39 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\AMD 2015-04-02 16:20 - 2015-04-02 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMLite Workstation 2015-04-02 16:20 - 2015-04-02 16:20 - 00000000 ____D () C:\Program Files\VMLite 2015-04-02 16:20 - 2010-08-11 14:39 - 00204328 _____ (VMLite, Inc.) C:\WINDOWS\system32\Drivers\VBoxDrv.sys 2015-04-02 16:20 - 2010-08-03 20:28 - 00014952 _____ (VMLite, Inc.) C:\WINDOWS\system32\Drivers\vmlitedrv.sys 2015-04-02 16:13 - 2015-04-02 16:18 - 68253288 _____ (VMLite, Inc.) C:\Users\Tim²\Downloads\VMLiteWorkstationSetup326 (1).exe 2015-04-02 15:42 - 2015-04-02 15:42 - 00000794 _____ () C:\WINDOWS\KB942288-v3.log 2015-04-02 15:40 - 2015-04-02 15:41 - 03327000 _____ () C:\Users\Tim²\Downloads\WindowsXP-KB942288-v3-x86.exe 2015-04-02 15:35 - 2015-04-02 16:10 - 486678800 _____ (Microsoft Corporation) C:\Users\Tim²\Downloads\WindowsXPMode_de-de (1).exe 2015-04-02 15:15 - 2015-04-02 15:34 - 270913032 _____ (Microsoft Corporation) C:\Users\Tim²\Downloads\WindowsXPMode_de-de.exe 2015-04-02 12:21 - 2014-11-10 01:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-04-02 12:21 - 2014-11-10 01:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-04-02 12:21 - 2014-11-10 01:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2015-04-02 12:21 - 2014-11-10 01:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2015-04-02 12:21 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-04-02 12:21 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-04-02 12:20 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2015-04-02 12:20 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2015-03-31 22:41 - 2015-03-31 22:41 - 00769536 _____ () C:\Users\Tim²\Downloads\MicrosoftFixit50639.msi 2015-03-31 22:22 - 2015-03-31 22:22 - 00000000 __SHD () C:\Users\Tim²\AppData\Local\EmieUserList 2015-03-31 22:22 - 2015-03-31 22:22 - 00000000 __SHD () C:\Users\Tim²\AppData\Local\EmieSiteList 2015-03-31 22:22 - 2015-03-31 22:22 - 00000000 __SHD () C:\Users\Tim²\AppData\Local\EmieBrowserModeList 2015-03-31 22:20 - 2015-03-31 22:20 - 00000000 ___HD () C:\Program Files (x86)\InstallJammer Registry 2015-03-31 22:20 - 2015-03-31 22:20 - 00000000 ____D () C:\Program Files (x86)\VAFS5 2015-03-31 21:58 - 2015-03-31 21:58 - 00002350 _____ () C:\Users\Tim²\Desktop\Sicherer Zahlungsverkehr.lnk 2015-03-31 21:58 - 2015-03-31 21:58 - 00000000 __SHD () C:\Recovery 2015-03-31 21:58 - 2015-03-31 21:52 - 00000000 ___DC () C:\WINDOWS\Panther 2015-03-31 21:57 - 2015-03-31 21:57 - 00001454 _____ () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-31 21:56 - 2015-03-31 21:56 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-03-31 21:56 - 2015-03-31 21:56 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-03-31 21:56 - 2015-03-31 21:56 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2015-03-31 21:56 - 2015-03-31 21:56 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2015-03-31 21:56 - 2015-03-31 21:56 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2015-03-31 21:56 - 2015-03-31 21:56 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-03-31 21:56 - 2015-03-31 21:56 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-03-31 21:56 - 2015-03-31 21:56 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2015-03-31 21:56 - 2015-03-31 21:56 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2015-03-31 21:56 - 2015-03-31 21:56 - 00000654 __RSH () C:\Users\Tim²\ntuser.pol 2015-03-31 21:56 - 2015-03-31 21:56 - 00000020 ___SH () C:\Users\Tim²\ntuser.ini 2015-03-31 21:55 - 2015-03-31 21:55 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2015-03-31 21:55 - 2015-03-31 21:55 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-03-31 21:55 - 2015-03-31 21:55 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2015-03-31 21:55 - 2015-03-31 21:55 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll 2015-03-31 21:54 - 2015-04-02 09:27 - 00000000 ___SD () C:\WINDOWS\system32\GWX 2015-03-31 21:54 - 2015-03-31 21:54 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-03-31 21:54 - 2015-03-31 21:54 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-03-31 21:54 - 2015-03-31 21:54 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-03-31 21:54 - 2015-03-31 21:54 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2015-03-31 21:54 - 2015-03-31 21:54 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2015-03-31 21:54 - 2015-03-31 21:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe 2015-03-31 21:54 - 2015-03-31 21:54 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2015-03-31 21:54 - 2015-03-31 21:54 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2015-03-31 21:54 - 2015-03-31 21:54 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX 2015-03-31 21:53 - 2015-03-31 21:53 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-03-31 21:53 - 2015-03-31 21:53 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls 2015-03-31 21:53 - 2015-03-31 21:53 - 00513488 _____ () C:\WINDOWS\system32\locale.nls 2015-03-31 21:53 - 2015-03-31 21:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-03-31 21:53 - 2015-03-31 21:53 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-03-31 21:53 - 2015-03-31 21:53 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2015-03-31 21:53 - 2015-03-31 21:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2015-03-31 21:53 - 2015-03-31 21:53 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll 2015-03-31 21:53 - 2015-03-31 21:53 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-03-31 21:52 - 2015-03-31 21:52 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-03-31 21:52 - 2015-03-31 21:52 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-03-31 21:52 - 2015-03-31 21:52 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-03-31 21:52 - 2015-03-31 21:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2015-03-31 21:52 - 2015-03-31 21:52 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2015-03-31 21:52 - 2015-03-31 21:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2015-03-31 21:51 - 2015-03-31 21:51 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-03-31 21:51 - 2015-03-31 21:51 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-03-31 21:51 - 2015-03-31 21:51 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-03-31 21:51 - 2015-03-31 21:51 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll 2015-03-31 21:51 - 2015-03-31 21:51 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2015-03-31 21:51 - 2015-03-31 21:51 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-03-31 21:51 - 2015-03-31 21:51 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-03-31 21:51 - 2015-03-31 21:51 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll 2015-03-31 21:51 - 2015-03-31 21:51 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-03-31 21:51 - 2015-03-31 21:51 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-03-31 21:50 - 2015-03-31 21:50 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-03-31 21:50 - 2015-03-31 21:50 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2015-03-31 21:50 - 2015-03-31 21:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2015-03-31 21:50 - 2015-03-31 21:50 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-03-31 21:50 - 2015-03-31 21:50 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe 2015-03-31 21:50 - 2015-03-31 21:50 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe 2015-03-31 21:50 - 2015-03-31 21:50 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll 2015-03-31 21:50 - 2015-03-31 21:50 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe 2015-03-31 21:47 - 2015-03-31 21:47 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2015-03-31 21:47 - 2015-03-31 21:47 - 00000000 ____D () C:\Program Files\Reference Assemblies 2015-03-31 21:47 - 2015-03-31 21:47 - 00000000 ____D () C:\Program Files\MSBuild 2015-03-31 21:47 - 2015-03-31 21:47 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2015-03-31 21:47 - 2015-03-31 21:47 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-03-31 21:46 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-03-31 21:46 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-03-31 21:46 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-03-31 21:46 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-03-31 21:39 - 2015-04-12 11:15 - 01108929 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Startmenü 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Programme 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\ProgramData\Startmenü 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\ProgramData\Dokumente 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2015-03-31 21:39 - 2015-03-31 21:39 - 00000000 _SHDL () C:\Dokumente und Einstellungen 2015-03-31 21:38 - 2015-03-31 21:38 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat 2015-03-31 21:17 - 2015-03-31 21:17 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-03-31 21:07 - 2015-04-12 14:31 - 00000000 ____D () C:\Users\Hio 2015-03-31 21:07 - 2015-04-12 12:54 - 00000000 ____D () C:\Users\Tim² 2015-03-31 21:07 - 2015-03-31 21:38 - 00057153 _____ () C:\WINDOWS\diagwrn.xml 2015-03-31 21:07 - 2015-03-31 21:38 - 00057153 _____ () C:\WINDOWS\diagerr.xml 2015-03-31 21:07 - 2015-03-31 21:33 - 00000000 ____D () C:\Users\Michi 2015-03-31 21:07 - 2015-03-31 21:32 - 00000000 ____D () C:\Users\Tim 2015-03-31 21:07 - 2015-03-31 21:32 - 00000000 ____D () C:\Users\******* 2015-03-31 21:07 - 2015-03-31 21:08 - 00000000 ___RD () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Vorlagen 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Startmenü 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Netzwerkumgebung 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Lokale Einstellungen 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Eigene Dateien 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Druckumgebung 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Documents\Eigene Musik 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Documents\Eigene Bilder 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\AppData\Local\Verlauf 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\AppData\Local\Anwendungsdaten 2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _SHDL () C:\Users\Tim²\Anwendungsdaten 2015-03-31 21:07 - 2014-11-21 12:52 - 00000000 ___RD () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-31 21:07 - 2014-11-21 12:52 - 00000000 ___RD () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-03-31 21:07 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-03-31 21:07 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-03-31 21:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-03-31 21:01 - 2015-03-31 21:01 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-03-31 21:01 - 2015-03-31 21:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2015-03-31 21:01 - 2015-03-31 21:01 - 00000000 ____D () C:\Program Files\Realtek 2015-03-31 21:01 - 2015-03-31 21:01 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2015-03-31 21:01 - 2015-03-31 21:01 - 00000000 ____D () C:\Program Files\AMD 2015-03-31 21:01 - 2015-03-31 21:01 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin 2015-03-31 21:00 - 2015-03-31 21:00 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-03-31 21:00 - 2015-03-31 21:00 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2015-03-31 16:14 - 2015-03-31 16:14 - 00000000 __RHD () C:\ESD 2015-03-31 16:13 - 2015-03-31 16:13 - 01322960 _____ (Microsoft Corporation) C:\Users\Hio\Downloads\mediacreationtool.exe 2015-03-30 16:49 - 2015-03-30 16:49 - 00068781 _____ () C:\Users\Tim²\Downloads\FSX_ABSTURZ_FIX.RAR 2015-03-28 21:11 - 2015-03-28 21:11 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-03-28 18:25 - 2015-03-28 18:27 - 00000000 ____D () C:\Users\Tim²\Documents\Battlefield 3 2015-03-28 18:20 - 2015-03-28 18:20 - 00000000 ____D () C:\Users\Tim²\AppData\Local\ESN 2015-03-28 18:08 - 2015-03-28 20:44 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2015-03-28 18:08 - 2015-03-28 18:08 - 01533584 _____ () C:\Users\Tim²\Downloads\battlelog-web-plugins_2.6.2_157.exe 2015-03-28 18:02 - 2015-03-31 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 2015-03-28 18:02 - 2015-03-28 18:02 - 00001387 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk 2015-03-28 15:03 - 2015-03-04 09:26 - 00011105 ____N () C:\WINDOWS\system32\AutoconfigV2.cab 2015-03-28 14:05 - 2015-03-28 14:09 - 40684373 _____ () C:\Users\Tim²\Downloads\oebb_1144_0.9.1.rar 2015-03-28 14:03 - 2015-03-28 14:04 - 09004320 _____ () C:\Users\Tim²\Downloads\oebb_1042_1142.zip 2015-03-28 14:02 - 2015-03-28 14:02 - 00127778 _____ () C:\Users\Tim²\Downloads\der_neue_zug_-_teil_1_fix.zip 2015-03-26 21:15 - 2015-03-26 21:15 - 00078070 _____ () C:\Users\Tim²\Downloads\re_in_richtung_aachen_nach_kln (1).zip 2015-03-26 09:45 - 2015-03-26 09:45 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 03471376 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap 2015-03-26 09:45 - 2015-03-26 09:45 - 03437632 _____ () C:\WINDOWS\system32\atiumd6a.cap 2015-03-26 09:45 - 2015-03-26 09:45 - 00843776 _____ (AMD) C:\WINDOWS\system32\coinst_14.50.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00323252 _____ () C:\WINDOWS\system32\ativvaxy_vi.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00321712 _____ () C:\WINDOWS\system32\ativvaxy_vi_nd.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00238144 _____ () C:\WINDOWS\system32\ativvaxy_cz_nd.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00235008 _____ () C:\WINDOWS\system32\clinfo.exe 2015-03-26 09:45 - 2015-03-26 09:45 - 00234292 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00232624 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00204952 _____ () C:\WINDOWS\SysWOW64\ativvsvl.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00204952 _____ () C:\WINDOWS\system32\ativvsvl.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00158944 _____ () C:\WINDOWS\system32\ativce03.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00157144 _____ () C:\WINDOWS\SysWOW64\ativvsva.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00157144 _____ () C:\WINDOWS\system32\ativvsva.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00140240 _____ () C:\WINDOWS\system32\samu_krnl_ci.sbin 2015-03-26 09:45 - 2015-03-26 09:45 - 00138832 _____ () C:\WINDOWS\system32\samu_krnl_isv_ci.sbin 2015-03-26 09:45 - 2015-03-26 09:45 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00083312 _____ () C:\WINDOWS\system32\ativce02.dat 2015-03-26 09:45 - 2015-03-26 09:45 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll 2015-03-26 09:45 - 2015-03-26 09:45 - 00046128 _____ () C:\WINDOWS\system32\kapp_ci.sbin 2015-03-26 09:45 - 2015-03-26 09:45 - 00041936 _____ () C:\WINDOWS\system32\kapp_si.sbin 2015-03-26 09:44 - 2015-03-26 09:44 - 47899136 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 40987136 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2015-03-26 09:44 - 2015-03-26 09:44 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 01187342 _____ () C:\WINDOWS\system32\amdocl_as64.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 01061902 _____ () C:\WINDOWS\system32\amdocl_ld64.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00995342 _____ () C:\WINDOWS\SysWOW64\amdocl_as32.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00798734 _____ () C:\WINDOWS\SysWOW64\amdocl_ld32.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00774656 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00765851 _____ () C:\WINDOWS\system32\amdicdxx.dat 2015-03-26 09:44 - 2015-03-26 09:44 - 00734861 _____ () C:\WINDOWS\system32\atiicdxx.dat 2015-03-26 09:44 - 2015-03-26 09:44 - 00631912 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb 2015-03-26 09:44 - 2015-03-26 09:44 - 00631912 _____ () C:\WINDOWS\system32\atiapfxx.blb 2015-03-26 09:44 - 2015-03-26 09:44 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2015-03-26 09:44 - 2015-03-26 09:44 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00442368 _____ () C:\WINDOWS\system32\amdmiracast.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00244736 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00058880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe 2015-03-26 09:44 - 2015-03-26 09:44 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2015-03-26 09:44 - 2015-03-26 09:44 - 00003917 _____ () C:\WINDOWS\SysWOW64\atipblag.dat 2015-03-26 09:44 - 2015-03-26 09:44 - 00003917 _____ () C:\WINDOWS\system32\atipblag.dat 2015-03-26 09:43 - 2015-03-26 09:43 - 00294600 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys 2015-03-26 09:43 - 2015-03-26 09:43 - 00157248 _____ () C:\WINDOWS\system32\amde31a.dat 2015-03-26 09:43 - 2015-03-26 09:43 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll 2015-03-26 09:43 - 2015-03-26 09:43 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2015-03-26 09:43 - 2015-03-26 09:43 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll 2015-03-26 09:43 - 2015-03-26 09:43 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2015-03-26 09:43 - 2015-03-26 09:43 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2015-03-26 09:43 - 2015-03-26 09:43 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2015-03-24 17:52 - 2015-03-24 17:52 - 00001023 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-03-24 17:52 - 2015-03-24 17:52 - 00001011 _____ () C:\Users\Public\Desktop\Audacity.lnk 2015-03-24 17:52 - 2015-03-24 17:52 - 00000000 ____D () C:\Program Files (x86)\Audacity 2015-03-23 21:23 - 2015-03-23 21:25 - 22892794 _____ (Audacity Team ) C:\Users\Tim²\Downloads\audacity-win-2.0.6.exe 2015-03-23 21:21 - 2015-03-31 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Recorder Pro 2015-03-23 21:21 - 2015-03-23 21:21 - 00000000 ____D () C:\Program Files (x86)\Audio Recorder Pro 2015-03-23 21:20 - 2015-03-23 21:20 - 02015361 _____ (EZ SoftMagic, Inc. ) C:\Users\Tim²\Downloads\rcrdmate37.exe 2015-03-23 21:14 - 2015-03-31 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Naturalsoft 2015-03-23 21:14 - 2015-03-23 21:14 - 00002051 _____ () C:\Users\Public\Desktop\Demo.lnk 2015-03-23 21:14 - 2015-03-23 21:14 - 00002046 _____ () C:\Users\Public\Desktop\NaturalReader Free.lnk 2015-03-23 21:13 - 2015-03-23 21:13 - 00000000 ____D () C:\ProgramData\Naturalsoft 2015-03-23 21:13 - 2015-03-23 21:13 - 00000000 ____D () C:\Program Files (x86)\Naturalsoft 2015-03-23 21:12 - 2015-03-23 21:12 - 00000000 ____D () C:\Users\Tim²\Documents\Naturalsoft 2015-03-23 21:08 - 2015-03-23 21:11 - 19548464 _____ (Naturalsoft limited ) C:\Users\Tim²\Downloads\standardsetup.exe 2015-03-23 20:56 - 2015-03-23 21:00 - 21008112 _____ (NextUp.com ) C:\Users\Tim²\Downloads\textaloud-mp3_2243 2015-03-23 18:22 - 2015-03-23 18:22 - 00641353 _____ () C:\Users\Tim²\Downloads\AnsagenScriptKit.zip 2015-03-21 18:26 - 2015-03-21 18:27 - 03235042 _____ () C:\Users\Tim²\Downloads\blxt_me146_db_destinations_pack.zip 2015-03-21 17:59 - 2015-03-21 17:59 - 00313763 _____ () C:\Users\Tim²\Downloads\ice_935_nach_stralsund.zip 2015-03-21 17:56 - 2015-03-21 17:56 - 00149719 _____ () C:\Users\Tim²\Downloads\IC nach Berlin Hbf_0.zip 2015-03-21 16:01 - 2015-03-21 16:04 - 32628135 _____ () C:\Users\Tim²\Downloads\berlinwittenberg-update1-26 (1).exe 2015-03-21 16:00 - 2015-03-21 16:00 - 00984725 _____ () C:\Users\Tim²\Downloads\TW_DTG_ME146_Soundpack_2.1.rar 2015-03-21 15:58 - 2015-03-21 15:58 - 04627339 _____ () C:\Users\Tim²\Downloads\TW_RSC_ME146_Soundupdate_1.1.rar 2015-03-21 15:58 - 2015-03-21 15:58 - 00483706 _____ () C:\Users\Tim²\Downloads\TW_DTG_ME146_Soundpack_Update_2.2 (1).rwp 2015-03-21 15:25 - 2015-03-21 15:25 - 00257109 _____ () C:\Users\Tim²\Downloads\ec7.zip 2015-03-21 13:44 - 2015-03-21 13:44 - 00513293 _____ () C:\Users\Tim²\Downloads\ic_2356 (1).zip 2015-03-21 13:41 - 2015-03-21 13:41 - 00437376 _____ () C:\Users\Tim²\Downloads\re_4362.zip 2015-03-21 13:39 - 2015-03-21 13:39 - 00123305 _____ () C:\Users\Tim²\Downloads\ice_von_berlin_nach_mnchen_teil_1 (1).zip 2015-03-21 13:38 - 2015-04-10 20:31 - 00000000 ____D () C:\Users\Tim²\Desktop\TS 2015-03-21 13:34 - 2015-03-21 13:34 - 00441377 _____ () C:\Users\Tim²\Downloads\neujahrsnacht1.1.zip 2015-03-21 13:16 - 2015-03-21 13:16 - 00650657 _____ () C:\Users\Tim²\Downloads\lame3.99.5.zip 2015-03-21 13:15 - 2015-03-21 13:17 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut 2015-03-21 13:15 - 2015-03-21 13:15 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\mp3DirectCut 2015-03-21 13:12 - 2015-03-21 13:12 - 00308709 _____ () C:\Users\Tim²\Downloads\mp3DC220.exe 2015-03-21 10:42 - 2015-03-21 10:43 - 13273457 _____ () C:\Users\Tim²\Downloads\WR+GZ_71093_Karwendel.zip 2015-03-21 10:41 - 2015-03-21 10:41 - 00082666 _____ () C:\Users\Tim²\Downloads\WR_Weihnachtsueberraschung_2013.zip 2015-03-19 15:31 - 2015-03-19 15:32 - 08221876 _____ () C:\Users\Hio\Downloads\SW_ME_82818.zip 2015-03-16 18:32 - 2015-03-31 21:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\DCS 2015-03-15 21:22 - 2015-03-15 21:22 - 02754009 _____ () C:\Users\Tim²\Downloads\Solaris-Pack-Vestische-by-RW-Gladbeck-EXKLUSIV.rar 2015-03-15 21:21 - 2015-03-15 21:21 - 02766340 _____ () C:\Users\Tim²\Downloads\Solaris-Pack-BOGESTRA-by-RW-Gladbeck-EXKLUSIV.rar 2015-03-15 20:51 - 2015-03-15 20:51 - 228209129 _____ () C:\Users\Tim²\Downloads\Solaris Urbino BVG Releasepack.7z 2015-03-15 17:43 - 2015-03-15 17:43 - 00000781 _____ () C:\Users\Public\Desktop\Aerosoft Launcher.lnk 2015-03-15 17:35 - 2015-03-15 17:41 - 51754688 _____ (Acresso Software Inc. ) C:\Users\Tim²\Downloads\as_aerosoft-launcher_v1203.exe 2015-03-15 17:21 - 2015-03-15 17:21 - 00082079 _____ () C:\Users\Tim²\Downloads\GameKey1632Revealer (2).zip 2015-03-15 13:05 - 2015-03-15 13:05 - 02006022 _____ () C:\Users\Tim²\Downloads\Update-auf-V5.1.2.zip 2015-03-15 08:49 - 2015-03-15 10:27 - 881158639 _____ () C:\Users\Tim²\Downloads\Version 5.1 (mit Wien) inkl. Patches (5.1.5).rar 2015-03-14 14:23 - 2014-03-28 15:49 - 17725955 _____ () C:\Users\Tim²\Downloads\Class 375 DB Repaint für !LondonFavershamHighspeed!.rwp 2015-03-14 12:47 - 2015-03-15 08:42 - 881172959 _____ () C:\Users\Tim²\Downloads\Version 5.1 (ohne Wien) inkl. Patches (5.1.5).rar 2015-03-14 12:09 - 2015-03-14 12:13 - 36532905 _____ () C:\Users\Tim²\Downloads\class_375_db_repaint_0.zip 2015-03-13 15:51 - 2015-03-13 15:59 - 69337652 _____ () C:\Users\Tim²\Downloads\Version 5.1 (5.1.5) (2).rar 2015-03-13 15:13 - 2015-03-13 15:21 - 71015708 _____ () C:\Users\Tim²\Downloads\Version 5.1 (5.1.5)(1).rar 2015-03-13 14:48 - 2015-03-13 15:11 - 72024556 _____ () C:\Users\Tim²\Downloads\Version 5.1 (5.1.5) (1).rar 2015-03-13 14:41 - 2015-03-13 14:48 - 52068572 _____ () C:\Users\Tim²\Downloads\Version 5.1 (5.1.5).rar ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-12 14:31 - 2014-11-23 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-12 14:30 - 2015-01-04 18:30 - 00000300 _____ () C:\WINDOWS\Tasks\Price Fountain.job 2015-04-12 14:25 - 2013-03-21 08:38 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-04-12 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-04-12 13:52 - 2015-01-24 19:41 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-12 13:11 - 2014-08-31 18:33 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-04-12 13:03 - 2014-11-21 05:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-04-12 13:03 - 2014-11-21 04:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat 2015-04-12 13:03 - 2014-11-21 04:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat 2015-04-12 13:01 - 2013-10-24 17:20 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-04-12 13:01 - 2013-10-23 06:57 - 00348672 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe 2015-04-12 13:01 - 2013-02-10 21:10 - 00348672 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2015-04-12 13:01 - 2013-02-10 20:11 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2015-04-12 13:00 - 2013-10-12 18:21 - 00000000 ____D () C:\ProgramData\Origin 2015-04-12 12:57 - 2015-01-24 19:41 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-12 12:55 - 2015-01-04 18:30 - 00000000 ____D () C:\Program Files (x86)\XTab 2015-04-12 12:55 - 2015-01-04 18:29 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2015-04-12 12:55 - 2014-11-20 20:24 - 00014816 _____ () C:\WINDOWS\PFRO.log 2015-04-12 12:55 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages 2015-04-12 12:55 - 2013-08-22 16:46 - 00452107 _____ () C:\WINDOWS\setupact.log 2015-04-12 12:55 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-04-12 12:54 - 2013-05-19 11:11 - 00000000 ____D () C:\ProgramData\VisualBee 2015-04-12 11:53 - 2014-04-27 19:29 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\TS3Client 2015-04-11 17:57 - 2015-03-04 18:32 - 00000000 ____D () C:\Users\Tim²\Desktop\Aufnahmen Panasonic 2015-04-11 17:57 - 2013-05-07 18:57 - 00000000 ____D () C:\Users\Tim²\Desktop\NosTale 2015-04-11 13:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-04-10 21:11 - 2013-10-12 18:20 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-04-02 20:57 - 2015-01-24 19:47 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-04-02 19:15 - 2013-02-02 12:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games 2015-04-02 17:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2015-04-02 17:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2015-04-02 16:51 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-04-01 09:10 - 2013-10-23 06:57 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-04-01 08:42 - 2014-11-06 18:15 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense 2015-03-31 22:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2015-03-31 22:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-03-31 21:59 - 2013-02-02 13:41 - 00000000 ____D () C:\Users\Tim²\AppData\Local\Packages 2015-03-31 21:55 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2015-03-31 21:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2015-03-31 21:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-31 21:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-31 21:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-31 21:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-03-31 21:52 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-31 21:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2015-03-31 21:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration 2015-03-31 21:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT 2015-03-31 21:39 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default 2015-03-31 21:38 - 2015-03-03 21:20 - 00008164 _____ () C:\WINDOWS\comsetup.log 2015-03-31 21:35 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media 2015-03-31 21:35 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries 2015-03-31 21:23 - 2013-08-22 16:44 - 02310632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-03-31 21:21 - 2015-02-25 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3 2015-03-31 21:21 - 2015-02-16 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-03-31 21:21 - 2015-02-15 00:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-03-31 21:21 - 2015-01-26 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\diclovit's mod pack 2015-03-31 21:21 - 2015-01-24 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-03-31 21:21 - 2015-01-17 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2015-03-31 21:21 - 2015-01-04 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Mario Bros. X 2015-03-31 21:21 - 2014-12-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media 2015-03-31 21:21 - 2014-12-07 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X5 2015-03-31 21:21 - 2014-10-30 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2015 2015-03-31 21:21 - 2014-10-14 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Demolition Company Gold 2015-03-31 21:21 - 2014-10-09 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-03-31 21:21 - 2014-10-04 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-03-31 21:21 - 2014-10-04 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer 2015-03-31 21:21 - 2014-09-21 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 2015-03-31 21:21 - 2014-08-31 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2015-03-31 21:21 - 2014-08-16 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-03-31 21:21 - 2014-07-27 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner 2015-03-31 21:21 - 2014-06-16 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies 2015-03-31 21:21 - 2014-06-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-03-31 21:21 - 2014-05-30 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2015-03-31 21:21 - 2014-05-24 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kehrmaschinen-Simulator 2011 2015-03-31 21:21 - 2014-05-09 12:48 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-03-31 21:21 - 2014-05-02 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABC-Schutz-Simulator 2015-03-31 21:21 - 2014-04-27 19:27 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-03-31 21:21 - 2014-04-15 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-03-31 21:21 - 2014-04-15 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-03-31 21:21 - 2014-04-15 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3 2015-03-31 21:21 - 2014-03-10 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2015-03-31 21:21 - 2014-03-08 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ 2015-03-31 21:21 - 2014-03-06 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold 2015-03-31 21:21 - 2014-01-28 20:19 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2015-03-31 21:21 - 2014-01-17 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RTS Wegberg 2015-03-31 21:21 - 2014-01-04 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feuer- und Notfallsimulation Wegberg 2015-03-31 21:21 - 2013-11-02 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 2015-03-31 21:21 - 2013-11-01 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OMSI Addon Manager 2015-03-31 21:21 - 2013-10-31 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aerosoft 2015-03-31 21:21 - 2013-10-27 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-03-31 21:21 - 2013-10-27 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2015-03-31 21:21 - 2013-10-24 18:06 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-03-31 21:21 - 2013-10-24 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-03-31 21:21 - 2013-10-14 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oovee 2015-03-31 21:21 - 2013-10-12 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-03-31 21:21 - 2013-09-14 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rettungswagen Simulator 2014 2015-03-31 21:21 - 2013-09-01 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World 2015-03-31 21:21 - 2013-08-27 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTP2 Addons 2015-03-31 21:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2015-03-31 21:21 - 2013-08-05 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus-Simulator 2012 2015-03-31 21:21 - 2013-08-01 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Werkfeuerwehr-Simulator 2014 2015-03-31 21:21 - 2013-07-22 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rettungswagen Simulator 2012 2015-03-31 21:21 - 2013-05-14 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2013 2015-03-31 21:21 - 2013-05-07 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie 2015-03-31 21:21 - 2013-03-29 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feuerwehr-Simulator 2010 2015-03-31 21:21 - 2013-03-25 18:57 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-03-31 21:21 - 2013-03-19 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter 2015-03-31 21:21 - 2013-03-14 08:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-03-31 21:21 - 2013-02-22 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-03-31 21:21 - 2013-02-21 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-03-31 21:21 - 2013-02-20 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 2015-03-31 21:21 - 2013-02-06 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flughafen-Feuerwehr-Simulator 2013 2015-03-31 21:21 - 2013-02-02 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(DE) 2015-03-31 21:21 - 2013-02-01 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-03-31 21:21 - 2012-11-09 16:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 2015-03-31 21:21 - 2012-11-09 16:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema 2015-03-31 21:21 - 2012-11-09 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medion MediaPack 3 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\tr 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\sv 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\sl 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\pl 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\nl 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\it 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\hu 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\fr 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\es 2015-03-31 21:21 - 2012-11-09 11:09 - 00000000 ____D () C:\WINDOWS\da 2015-03-31 21:21 - 2012-11-09 11:08 - 00000000 ____D () C:\WINDOWS\el 2015-03-31 21:21 - 2012-11-09 11:08 - 00000000 ____D () C:\WINDOWS\de 2015-03-31 21:21 - 2012-11-09 10:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover 2015-03-31 21:21 - 2012-07-26 11:43 - 00000000 ____D () C:\WINDOWS\en-GB 2015-03-31 21:17 - 2014-12-03 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\spool 2015-03-31 21:17 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN 2015-03-31 21:17 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep 2015-03-31 21:17 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\WCN 2015-03-31 21:17 - 2013-12-15 11:33 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin 2015-03-31 21:17 - 2013-08-22 17:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log 2015-03-31 21:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI 2015-03-31 21:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz 2015-03-31 21:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME 2015-03-31 21:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns 2015-03-31 21:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool 2015-03-31 21:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI 2015-03-31 21:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME 2015-03-31 21:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI 2015-03-31 21:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe 2015-03-31 21:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2015-03-31 21:17 - 2013-03-13 17:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive 2015-03-31 21:17 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated 2015-03-31 21:16 - 2014-11-21 12:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2015-03-31 21:15 - 2014-12-21 21:44 - 00000000 ____D () C:\WINDOWS\system32\appraiser 2015-03-31 21:15 - 2014-11-21 05:13 - 00000000 ____D () C:\WINDOWS\ShellNew 2015-03-31 21:14 - 2015-03-12 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2015-03-31 21:14 - 2015-02-15 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2015-03-31 21:14 - 2015-01-13 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft 2015-03-31 21:14 - 2014-09-09 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-03-31 21:14 - 2014-07-09 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mediachance 2015-03-31 21:14 - 2014-06-20 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts 2015-03-31 21:14 - 2014-06-10 09:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Playlogic 2015-03-31 21:14 - 2014-05-25 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-03-31 21:14 - 2014-05-17 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks 2015-03-31 21:14 - 2014-05-02 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rondomedia 2015-03-31 21:14 - 2014-01-03 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sixteen tons entertainment 2015-03-31 21:14 - 2013-12-14 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster 2015-03-31 21:14 - 2013-10-01 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klett 2015-03-31 21:14 - 2013-08-27 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auran 2015-03-31 21:14 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker 2015-03-31 21:14 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar 2015-03-31 21:14 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar 2015-03-31 21:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2015-03-31 21:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME 2015-03-31 21:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help 2015-03-31 21:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat 2015-03-31 21:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System 2015-03-31 21:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-03-31 21:14 - 2013-07-21 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte 2015-03-31 21:14 - 2013-05-04 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freetec 2015-03-31 21:14 - 2013-04-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2015-03-31 21:14 - 2013-04-16 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios 2015-03-31 21:14 - 2013-03-09 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIANTS Software 2015-03-31 21:14 - 2012-11-08 14:55 - 00000000 ____D () C:\ProgramData\PRICache 2015-03-31 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2015-03-31 21:08 - 2014-04-26 15:00 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\aerosoft 2015-03-31 21:08 - 2013-02-13 15:03 - 00000000 ____D () C:\Users\Tim²\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games 2015-03-31 21:04 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2015-03-31 20:40 - 2013-01-31 18:34 - 01218977 _____ () C:\WINDOWS\WindowsUpdate (1).log 2015-03-29 20:07 - 2015-02-20 20:18 - 00000000 ____D () C:\Users\Tim²\Desktop\Audio 2015-03-28 21:20 - 2014-02-27 18:05 - 00000000 ___RD () C:\Users\Tim²\Dropbox 2015-03-28 21:01 - 2014-05-09 12:51 - 00001341 _____ () C:\Users\Tim²\Desktop\Dropbox.lnk 2015-03-28 18:25 - 2013-02-10 21:10 - 00000000 ____D () C:\Users\Tim²\AppData\Local\PunkBuster 2015-03-28 18:02 - 2012-11-09 11:07 - 00266438 _____ () C:\WINDOWS\DirectX.log 2015-03-26 16:43 - 2012-11-09 10:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-22 21:04 - 2013-02-24 19:19 - 00116224 ___SH () C:\Users\Tim²\Desktop\Thumbs.db 2015-03-22 15:53 - 2013-05-07 18:51 - 00001762 _____ () C:\WINDOWS\Sandboxie.ini 2015-03-21 20:45 - 2013-03-10 12:32 - 00451584 ___SH () C:\Users\Tim²\Downloads\Thumbs.db 2015-03-21 19:48 - 2015-01-06 20:54 - 00002048 _____ () C:\Users\Tim²\Desktop\funkspiel.txt 2015-03-21 15:47 - 2015-02-21 18:09 - 00000000 ____D () C:\Users\Tim²\Desktop\DB Repaint 2015-03-20 20:23 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent 2015-03-19 19:10 - 2014-03-23 13:56 - 00000000 ____D () C:\TempDump 2015-03-18 20:07 - 2013-08-30 21:30 - 00000000 ____D () C:\Users\Tim²\Desktop\Noch hochladen 2015-03-15 10:50 - 2013-03-19 16:18 - 795379027 _____ () C:\WINDOWS\MEMORY.DMP 2015-03-14 15:01 - 2013-08-27 08:56 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-03-14 14:52 - 2012-11-09 10:35 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Files in the root of some directories ======= 2014-07-09 14:15 - 2014-07-09 14:15 - 0534878 _____ () C:\Program Files (x86)\cskinfx.zip 2014-05-28 17:27 - 2014-10-26 16:26 - 0012800 _____ () C:\Users\Tim²\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-08-05 16:33 - 2013-08-05 16:33 - 0000000 _____ () C:\Users\Tim²\AppData\Local\Input.xml 2013-02-18 15:05 - 2013-02-18 15:05 - 0001474 _____ () C:\Users\Tim²\AppData\Local\RecConfig.xml 2014-08-12 11:36 - 2014-08-12 11:36 - 0000860 _____ () C:\Users\Tim²\AppData\Local\recently-used.xbel 2013-08-05 16:32 - 2013-08-05 16:32 - 0000000 _____ () C:\Users\Tim²\AppData\Local\Settings.xml 2015-02-07 15:28 - 2015-02-07 15:28 - 0000000 _____ () C:\Users\Tim²\AppData\Local\{458AF548-DEFF-4255-A1A5-C1D1375E9878} 2014-06-15 15:21 - 2014-06-15 15:43 - 0000821 _____ () C:\ProgramData\hpzinstall.log ZeroAccess: C:\Users\Tim²\AppData\Local\Google\Desktop\Install ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ |
|
12.04.2015, 16:45
| #3 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Firefox öffnet bei klicken Werbung & und Programm "lomrdjhy" im Hintergrund Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?[/b] Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zitat:
2. Leider hast du unsere Anleitung nicht richtig befolgt: Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
12.04.2015, 18:12
| #4 |
| | Firefox öffnet bei klicken Werbung & und Programm "lomrdjhy" im Hintergrund Hallo cosinus, Entschuldigung... Da hab ich nicht richtig gelesen. Ich habs jetzt nochmal gemacht, aber der passt hier leider nicht rein... hat 1000 Buchstaben zu viel. Was soll ich da machen? Von Anti-Malware hab ich auch ein Log. Diesmal auch mit Adminrechte, aber auch zu lang. Hat 100000 Zeichen zu viel.  |
|
| Themen zu Firefox öffnet bei klicken Werbung & und Programm "lomrdjhy" im Hintergrund |
| .com, adware, converter, cpu-z, defender, desktop, failed, firefox, flash player, google, help, helper, home, internet, internet explorer, kaspersky, mp3, object, programm, scan, security, server, software, system error, werbung, windows |
Linear-Darstellung
