| Aneliera | 31.08.2013 12:48 |
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.08.31.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Pc :: PC-PC [Administrator]
Schutz: Aktiviert
31.08.2013 12:10:59
mbam-log-2013-08-31 (12-10-59).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 428654
Laufzeit: 42 Minute(n), 15 Sekunde(n)
Infizierte Speicherprozesse: 2
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Esafe.A) -> 1144 -> Löschen bei Neustart.
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> 1968 -> Löschen bei Neustart.
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 28
HKCR\CLSID\{E8572D1D-25D8-6561-3E3F-D998E9A0F0AE} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8572D1D-25D8-6561-3E3F-D998E9A0F0AE} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8572D1D-25D8-6561-3E3F-D998E9A0F0AE} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8572D1D-25D8-6561-3E3F-D998E9A0F0AE} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{0499A913-506A-9F01-A9BE-C3ECEDFA9584} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0499A913-506A-9F01-A9BE-C3ECEDFA9584} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0499A913-506A-9F01-A9BE-C3ECEDFA9584} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0499A913-506A-9F01-A9BE-C3ECEDFA9584} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E87F3511-9587-7141-8D86-4FC403DA83A3} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87F3511-9587-7141-8D86-4FC403DA83A3} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87F3511-9587-7141-8D86-4FC403DA83A3} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87F3511-9587-7141-8D86-4FC403DA83A3} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5893F518-9984-CABD-81CF-5F739F1D7DD7} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D78F37F3-39F0-AB88-B70D-8205908ED9F6} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{712BD0D1-CF77-FE5B-C0D8-AE709D01B7A5} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.SilentInstall.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc (PUP.Optional.Esafe.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 2
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0Z1N1J -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc|ImagePath (PUP.Optional.Esafe.A) -> Daten: C:\ProgramData\eSafe\eGdpSvc.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bösartig: (c:\progra~2\savesh~1\sprote~1.dll) Gut: () -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bösartig: (c:\progra~2\websea~1\sprote~1.dll) Gut: () -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 17
C:\Users\Pc\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BetterSoft\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Löschen bei Neustart.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561 (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\10B8B2A652974DEB8CBB517F778E800C (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\B08D66AD1AAD4A8A8917EAB388BAB620 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\EF4833E6F0FB442DB212FE532220C845 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Local\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Local\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 37
C:\Program Files (x86)\SaveShare\sprotector.dll (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\WebSearch\sprotector.dll (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\savenshaarrea\520b83c1263a1.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\savenshaarrea\520b83479088f.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\saveNshaRRe\520b81d74144a.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\FRST\Quarantine\cache.dat (Trojan.FakeAlert.RRE) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{35F6E892-3301-4F90-AD7B-7B23EE15CA64}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{35F6E892-3301-4F90-AD7B-7B23EE15CA64}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{79FAFF69-6456-4564-A78F-2C74A219DD9F}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{79FAFF69-6456-4564-A78F-2C74A219DD9F}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{A4FD514D-7D93-4B7B-A990-35B17F1E73BB}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{A4FD514D-7D93-4B7B-A990-35B17F1E73BB}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\savenshaarrea\uninstall.exe (PUP.Optional.SilentInstall.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\saveNshaRRe\uninstall.exe (PUP.Optional.SilentInstall.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe (PUP.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\EF4833E6F0FB442DB212FE532220C845\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\Downloads\video.hd.zip (Trojan.FakeAlert.RRE) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files (x86)\SaveShare\sprotector.dll (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files (x86)\WebSearch\sprotector.dll (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Esafe.A) -> Löschen bei Neustart.
C:\Windows\Tasks\schedule!3036567561.job (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc\STTL.DAT (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc\TTL.DAT (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Löschen bei Neustart.
C:\Users\Pc\AppData\Roaming\OpenCandy\10B8B2A652974DEB8CBB517F778E800C\Installer.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\B08D66AD1AAD4A8A8917EAB388BAB620\speedupmypcDE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Custom.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Readme.txt (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.dat (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.exe (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.ico (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Malware-Logfile Code:
# AdwCleaner v3.001 - Report created 31/08/2013 at 13:03:45
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Pc - PC-PC
# Running from : G:\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : winzipersvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\savenshaarrea
Folder Deleted : C:\ProgramData\saveNshaRRe
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\savenshaarrea
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveNshaRRe
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Users\Pc\AppData\Roaming\DSite
Folder Deleted : C:\Users\Pc\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\paigdpbplbcipjjimkahdflpecckmhip
Folder Deleted : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnbeicpllklbeeehbdebfkdndlgace
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
File Deleted : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\jsvdjfs6.default-1377179460559\searchplugins\Web Search.xml
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_703c874a
Key Deleted : HKLM\SOFTWARE\e28b8fb638ea15
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\Software\V9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\jsvdjfs6.default-1377179460559\prefs.js ]
Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.order.1", "delta-homes");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=aeca5b68-2695-618a-1dec-95579543dcb2&searchtype=hp&fr=linkury-tb&installDate=23/08/2013&ty[...]
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", true);
Line Deleted : user_pref("extensions.helperbar.countryiso", "de");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "yahoooc");
Line Deleted : user_pref("extensions.helperbar.installationid", "aeca5b68-2695-618a-1dec-95579543dcb2");
Line Deleted : user_pref("extensions.helperbar.installdate", "23/08/2013");
Line Deleted : user_pref("extensions.helperbar.publisher", "yahoooc");
Line Deleted : user_pref("extensions.helperbar.type", "hp1000");
Line Deleted : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=aeca5b68-2695-618a-1dec-95579543dcb2&searchtype=ds&fr=linkury-tb&installDate=23/08/2013&type=hp1000&p="[...]
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v
[ File : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [12654 octets] - [31/08/2013 13:03:09]
AdwCleaner[S0].txt - [9195 octets] - [31/08/2013 13:03:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9255 octets] ##########
Adw Logfile Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Professional x64
Ran by Pc on 31.08.2013 at 13:13:43,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricspal
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\uniblue
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\saveshare"
~~~ FireFox
Emptied folder: C:\Users\Pc\AppData\Roaming\mozilla\firefox\profiles\jsvdjfs6.default-1377179460559\minidumps [4 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.08.2013 at 13:21:43,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 01
Ran by Pc (administrator) on PC-PC on 31-08-2013 13:31:22
Running from G:\
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ==================
HKCU\...\Run: [Steam] - E:\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6185240 2013-06-19] (Piriform Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] - E:\Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD5000AACS-00ZUB0_WD-WCASU602520225202&ts=1377179147
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD5000AACS-00ZUB0_WD-WCASU602520225202&ts=1377179147
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Office\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Office\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\jsvdjfs6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR Extension: (savenshaarrea ) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpiecnejkncpcoccmhdhkkggpdkefpme\1
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-06] (BitRaider, LLC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 Microsoft Office Groove Audit Service; E:\Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-17] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-17] ()
R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [x]
S3 BSMI; \??\C:\Program Files (x86)\Tseries BIOS Update\BSMIx64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-31 13:13 - 2013-08-31 13:13 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 13:07 - 2013-08-31 13:31 - 00013308 _____ C:\Windows\WindowsUpdate.log
2013-08-31 13:03 - 2013-08-31 13:03 - 00000000 ____D C:\AdwCleaner
2013-08-31 12:02 - 2013-08-31 12:02 - 00001122 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-31 12:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-30 22:12 - 2013-08-30 22:12 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-30 22:09 - 2013-08-30 22:09 - 00002222 _____ C:\Users\Public\Desktop\AION Free-To-Play.lnk
2013-08-30 22:09 - 2013-08-30 22:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2013-08-30 22:00 - 2013-08-30 22:06 - 145138568 _____ (Gameforge) C:\Users\Pc\Downloads\setup_20120224.exe
2013-08-30 21:53 - 2013-08-30 21:53 - 02432824 _____ (NCSOFT Corporation) C:\Users\Pc\Downloads\nclauncher_3_20130812.exe
2013-08-30 21:50 - 2013-08-30 21:51 - 19328880 _____ (Gameforge ) C:\Users\Pc\Downloads\AION_GameforgeLiveSetup.exe
2013-08-29 19:13 - 2013-08-29 19:13 - 00000000 ____D C:\FRST
2013-08-29 17:18 - 2013-08-29 17:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-25 17:07 - 2013-08-26 12:13 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 11:29 - 2013-08-25 15:39 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 08:35 - 2013-08-30 22:08 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-25 08:35 - 2013-08-25 09:03 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 08:35 - 2013-08-25 08:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-25 08:34 - 2013-08-25 09:04 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-24 13:37 - 2013-08-24 13:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 13:36 - 2013-08-24 13:36 - 00000000 ____D C:\Users\Pc\Desktop\Video
2013-08-24 06:56 - 2013-08-24 06:56 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-23 19:34 - 2013-08-25 09:11 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-23 19:27 - 2013-08-23 19:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-22 16:45 - 2013-08-22 16:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 16:45 - 2013-08-22 16:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 15:51 - 2013-08-22 15:51 - 00000000 ____D C:\Users\Pc\Desktop\Alte Firefox-Daten
2013-08-22 15:45 - 2013-08-22 15:45 - 00000000 ____D C:\User Data
2013-08-18 21:33 - 2013-08-18 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 21:24 - 2013-08-18 21:33 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 21:24 - 2013-08-18 21:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 21:23 - 2013-08-18 21:33 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 20:45 - 2013-08-18 20:57 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 20:31 - 2013-08-18 20:41 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-17 16:30 - 2013-08-17 22:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 16:25 - 2013-08-17 16:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 16:22 - 2013-08-18 22:15 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-17 16:06 - 2013-08-17 16:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 08:55 - 2013-08-17 13:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 11:11 - 2013-08-15 11:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 11:06 - 2013-08-15 11:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-14 15:33 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 15:33 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 15:33 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 15:33 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 15:33 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 15:33 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 15:33 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 15:33 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 15:33 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 15:33 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 15:33 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 15:33 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-14 13:44 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 13:44 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 13:44 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 13:44 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 13:44 - 2013-07-09 16:51 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 13:44 - 2013-07-09 16:51 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 01472000 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 13:44 - 2013-07-09 16:02 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 13:44 - 2013-07-09 16:01 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 01167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 13:44 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 13:44 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 13:44 - 2013-07-08 07:22 - 05554624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 13:44 - 2013-07-08 07:20 - 01737688 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-14 13:44 - 2013-07-08 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-14 13:44 - 2013-07-08 07:14 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-14 13:44 - 2013-07-08 07:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-14 13:44 - 2013-07-08 07:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:08 - 03973056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 13:44 - 2013-07-08 07:08 - 03918272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 13:44 - 2013-07-08 07:06 - 01296312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:31 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2013-08-14 13:44 - 2013-07-08 05:31 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2013-08-14 13:44 - 2013-07-08 05:31 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2013-08-14 13:44 - 2013-07-08 05:12 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 13:44 - 2013-07-08 05:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 13:44 - 2013-07-08 05:02 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 04:50 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-08-14 13:44 - 2013-07-06 07:20 - 01900992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 13:44 - 2013-07-06 07:20 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-08-14 13:44 - 2013-07-06 07:20 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-08-14 13:44 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-10 17:17 - 2013-08-10 17:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 10:05 - 2013-08-10 10:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-10 10:04 - 2013-08-30 21:43 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-09 17:25 - 2013-08-09 17:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-07 19:23 - 2013-08-07 19:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-07 19:23 - 2013-07-09 02:47 - 00575029 _____ C:\Users\Pc\Desktop\left4uncut.exe
2013-08-06 22:06 - 2013-08-10 10:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-06 22:06 - 2013-08-06 22:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 22:05 - 2013-08-06 22:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 21:56 - 2013-08-06 21:57 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 21:56 - 2013-08-06 21:56 - 00000000 ____D C:\Users\hedev
2013-08-06 19:42 - 2013-08-06 22:20 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 19:42 - 2013-08-06 19:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 19:42 - 2013-08-06 19:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-06 19:39 - 2013-08-16 08:59 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-04 20:26 - 2013-08-04 20:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-02 12:21 - 2013-08-02 12:21 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gamigo
==================== One Month Modified Files and Folders =======
2013-08-31 13:22 - 2013-07-30 07:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 13:21 - 2013-08-31 13:21 - 00001250 _____ C:\Users\Pc\Desktop\JRT.txt
2013-08-31 13:13 - 2013-08-31 13:13 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 13:12 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-31 13:12 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-31 13:06 - 2013-07-17 16:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-31 13:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-31 13:03 - 2013-08-31 13:03 - 00000000 ____D C:\AdwCleaner
2013-08-31 13:03 - 2013-07-17 01:34 - 00000998 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 13:00 - 2013-07-29 20:50 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Skype
2013-08-31 12:05 - 2011-04-12 09:43 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-08-31 12:05 - 2011-04-12 09:43 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-08-31 12:05 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 12:02 - 2013-08-31 12:02 - 00001122 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-31 08:09 - 2013-07-30 15:23 - 00000000 ____D C:\Users\Pc\Documents\Euro Truck Simulator 2
2013-08-30 22:12 - 2013-08-30 22:12 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-30 22:09 - 2013-08-30 22:09 - 00002222 _____ C:\Users\Public\Desktop\AION Free-To-Play.lnk
2013-08-30 22:09 - 2013-08-30 22:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2013-08-30 22:08 - 2013-08-25 08:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-30 22:08 - 2013-07-17 02:23 - 00000000 ____D C:\Windows\Panther
2013-08-30 22:06 - 2013-08-30 22:00 - 145138568 _____ (Gameforge) C:\Users\Pc\Downloads\setup_20120224.exe
2013-08-30 21:53 - 2013-08-30 21:53 - 02432824 _____ (NCSOFT Corporation) C:\Users\Pc\Downloads\nclauncher_3_20130812.exe
2013-08-30 21:51 - 2013-08-30 21:50 - 19328880 _____ (Gameforge ) C:\Users\Pc\Downloads\AION_GameforgeLiveSetup.exe
2013-08-30 21:43 - 2013-08-10 10:04 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-29 19:13 - 2013-08-29 19:13 - 00000000 ____D C:\FRST
2013-08-29 17:18 - 2013-08-29 17:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-29 17:18 - 2013-07-17 16:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-26 12:13 - 2013-08-25 17:07 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 15:39 - 2013-08-25 11:29 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 09:11 - 2013-08-23 19:34 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-25 09:04 - 2013-08-25 08:34 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-25 09:03 - 2013-08-25 08:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 08:35 - 2013-08-25 08:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-24 13:37 - 2013-08-24 13:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 13:36 - 2013-08-24 13:36 - 00000000 ____D C:\Users\Pc\Desktop\Video
2013-08-24 06:56 - 2013-08-24 06:56 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-23 19:27 - 2013-08-23 19:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-22 21:33 - 2011-02-19 23:03 - 00421032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-08-22 21:33 - 2011-02-19 00:40 - 00773800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-22 16:45 - 2013-08-22 16:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 16:45 - 2013-08-22 16:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 15:51 - 2013-08-22 15:51 - 00000000 ____D C:\Users\Pc\Desktop\Alte Firefox-Daten
2013-08-22 15:45 - 2013-08-22 15:45 - 00000000 ____D C:\User Data
2013-08-18 22:15 - 2013-08-17 16:22 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-18 21:33 - 2013-08-18 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 21:33 - 2013-08-18 21:24 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 21:33 - 2013-08-18 21:23 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 21:24 - 2013-08-18 21:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 20:57 - 2013-08-18 20:45 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 20:41 - 2013-08-18 20:31 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-18 09:13 - 2013-07-22 07:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 22:42 - 2013-08-17 16:30 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 16:37 - 2013-07-18 22:42 - 00000000 ____D C:\Users\Pc\Documents\My Games
2013-08-17 16:25 - 2013-08-17 16:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 16:06 - 2013-08-17 16:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 13:52 - 2013-08-17 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 08:59 - 2013-08-06 19:39 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-16 08:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-15 11:11 - 2013-08-15 11:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 11:06 - 2013-08-15 11:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-14 15:27 - 2013-07-18 23:16 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 15:25 - 2013-07-17 02:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-10 17:17 - 2013-08-10 17:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 17:17 - 2013-07-17 01:33 - 00000000 ____D C:\Users\Pc
2013-08-10 10:06 - 2013-08-06 22:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-10 10:05 - 2013-08-10 10:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-09 17:25 - 2013-08-09 17:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-07 19:23 - 2013-08-07 19:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-06 22:44 - 2013-07-17 16:26 - 00000000 ____D C:\Program Files\CCleaner
2013-08-06 22:20 - 2013-08-06 19:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 22:06 - 2013-08-06 22:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 22:05 - 2013-08-06 22:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 21:57 - 2013-08-06 21:56 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 21:56 - 2013-08-06 21:56 - 00000000 ____D C:\Users\hedev
2013-08-06 19:42 - 2013-08-06 19:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 19:42 - 2013-08-06 19:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-04 20:26 - 2013-08-04 20:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-02 12:21 - 2013-08-02 12:21 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gamigo
Files to move or delete:
====================
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\Setup.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\VisualCRT\vc2008redist_x86.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DSETUP.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\dsetup32.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DXSETUP.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\data\Star Wars - The Old Republic Uninstaller.exe
C:\Users\Pc\AppData\Local\Temp\Quarantine.exe
C:\Users\Pc\AppData\Local\Temp\{2BD717D7-ED1B-47A7-833B-676E0025335C}\InstallshieldWebClient.dll
C:\Users\Pc\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2012-05-09 17:14] - [2012-05-09 17:14] - 0391168 ____A (Microsoft Corporation) EC5BD25A41E9B633CB39120DBB0939DC
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-05-09 17:53] - [2012-05-09 17:53] - 2872320 ____A (Microsoft Corporation) A27FB0CA2971BEC02595902A9FD35D6D
C:\Windows\SysWOW64\explorer.exe
[2012-05-09 17:53] - [2012-05-09 17:53] - 2616320 ____A (Microsoft Corporation) 82B49E32080BF5C469BF877C473B15EB
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2012-05-09 17:23] - [2012-05-09 17:23] - 1008128 ____A (Microsoft Corporation) 7FB4D54B502C6CF2E35B8188FA4CC08C
C:\Windows\SysWOW64\User32.dll
[2012-05-09 17:23] - [2012-05-09 17:23] - 0833024 ____A (Microsoft Corporation) 9B836EE76E3A99052EF6DEA52B41D1BE
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-05-09 17:24] - [2012-05-09 17:24] - 0296816 ____A (Microsoft Corporation) ABFECA99D72CE81E5C3612861F03B0CA
LastRegBack: 2013-08-24 07:16
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2013 01
Ran by Pc at 2013-08-31 13:31:46
Running from G:\
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
AION Free-To-Play (x32 Version: 2.70.0000)
Aliens: Colonial Marines (x32)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
BitRaider Web Client (x32 Version: 1.1.8.1)
Bulletstorm (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)
CCC Help Czech (x32 Version: 2013.0328.2217.38225)
CCC Help Danish (x32 Version: 2013.0328.2217.38225)
CCC Help Dutch (x32 Version: 2013.0328.2217.38225)
CCC Help English (x32 Version: 2013.0328.2217.38225)
CCC Help Finnish (x32 Version: 2013.0328.2217.38225)
CCC Help French (x32 Version: 2013.0328.2217.38225)
CCC Help German (x32 Version: 2013.0328.2217.38225)
CCC Help Greek (x32 Version: 2013.0328.2217.38225)
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)
CCC Help Italian (x32 Version: 2013.0328.2217.38225)
CCC Help Japanese (x32 Version: 2013.0328.2217.38225)
CCC Help Korean (x32 Version: 2013.0328.2217.38225)
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)
CCC Help Polish (x32 Version: 2013.0328.2217.38225)
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)
CCC Help Russian (x32 Version: 2013.0328.2217.38225)
CCC Help Spanish (x32 Version: 2013.0328.2217.38225)
CCC Help Swedish (x32 Version: 2013.0328.2217.38225)
CCC Help Thai (x32 Version: 2013.0328.2217.38225)
CCC Help Turkish (x32 Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
Cheat Engine 6.3 (x32)
Duke Nukem Forever (x32)
DUNGEONS Game of the Year edition (x32 Version: 1.3.3.0)
eaner (Version: 4.03)
Euro Truck Simulator 2 (x32 Version: 1.1.1)
F.E.A.R. 3 (x32)
Google Update Helper (x32 Version: 1.3.23.0)
Landwirtschafts Simulator 2011 (x32 Version: 1.0)
Left 4 Dead 2 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
NC Launcher (GameForge) (x32)
NCLauncher (plaync) (x32)
NVIDIA PhysX (x32 Version: 9.10.0513)
Painkiller Hell & Damnation (x32)
Risen 2 - Dark Waters (x32)
Skype™ 6.6 (x32 Version: 6.6.106)
Star Wars: The Old Republic (x32 Version: 1.00)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (x32 Version: 3.0.11)
Unity Web Player (HKCU Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
VLC media player 2.0.7 (Version: 2.0.7)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WinZipper (x32 Version: 1.4.8)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00E021FB-3621-4DC9-952F-F75CFD0ADF7B} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe No File
Task: {0E968A56-B1D4-4EC0-86E4-5E7B6EC8D0BC} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {222077B0-2C6A-44D8-A859-BF10F6190996} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {600201FA-5B7E-43AF-810F-F681AB7951BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-30] (Adobe Systems Incorporated)
Task: {8AE29DC0-5EA0-4449-98E8-C8C62C4E34B1} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2336365200-1394181775-1535421028-1000
Task: {8F1CC0C5-6A28-4FE1-B0D7-1493CE17AE9C} - \Dealply No Task File
Task: {D020CE08-47E0-4609-ADE3-02672C0504F2} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {F5A5640D-8592-44A4-BE14-94F7C243E186} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-03-29 04:37 - 2013-03-29 04:37 - 00139696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2013-03-29 04:37 - 2013-03-29 04:37 - 01155264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2013-03-29 04:36 - 2013-03-29 04:36 - 08272136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2013-07-17 16:23 - 2013-05-09 10:58 - 00302224 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\snxhk64.dll
2013-04-26 06:36 - 2013-04-26 06:36 - 09797768 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
2010-03-18 14:27 - 2010-03-18 14:27 - 00827744 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100_CLR0400.dll
2013-08-17 23:37 - 2013-08-17 23:37 - 19358208 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\cb653b6b8da0966098d70da98cba1ef3\mscorlib.ni.dll
2013-04-26 06:36 - 2013-04-26 06:36 - 00068760 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
2012-10-09 10:26 - 2012-10-09 10:26 - 01511000 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
2013-08-17 23:37 - 2013-08-17 23:37 - 11892224 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System\38cbf4b6872aa8f5e31d3421acdfd80d\System.ni.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 02306560 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\f9a3db5c12a423c8452e4bc33f3bf2d8\System.Drawing.ni.dll
2013-08-22 20:30 - 2013-08-22 20:30 - 17355776 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\771380e1dd1d349f7b1de86f5a0ed713\System.Windows.Forms.ni.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00097792 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00031744 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00025088 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00048640 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 00995328 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\f93d5d3b7b96ded7d494fb2e4cd231db\System.Runtime.Remoting.ni.dll
2013-08-22 20:27 - 2013-08-22 20:27 - 10440192 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\48c9534b3cc8f11403f0542d7933e15f\System.Core.ni.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 15782912 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\a689e5d1260a0772dbffda9cbf1b3545\System.Web.ni.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00022528 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00015872 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00018432 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2013-08-22 20:27 - 2013-08-22 20:27 - 07062016 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\d71664672edd04f493a8cf12c3303019\System.Xml.ni.dll
2013-08-22 20:26 - 2013-08-22 20:26 - 01291264 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\cd54961311941c9b78206daf90177ea9\System.Configuration.ni.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00322400 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00038912 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00029696 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2012-11-07 07:08 - 2012-11-07 07:08 - 00188928 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00035328 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00006144 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00048128 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00006656 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00045056 _____ (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00016384 _____ (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2013-03-29 03:35 - 2013-03-29 03:35 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGY.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00007168 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00015360 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.A4.Runtime.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00010752 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.A4.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00009216 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00217088 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00011776 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\A4.Foundation.dll
2013-08-22 20:30 - 2013-08-22 20:30 - 00281088 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\3db4bc1be7f86051097ec8bdd700a67f\System.ServiceProcess.ni.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00335872 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00006144 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00008704 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00006656 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2013-08-22 20:28 - 2013-08-22 20:28 - 05237760 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\3b2b52955e90267a01173047fc345b4e\WindowsBase.ni.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00026112 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00009216 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00057344 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00057856 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00069632 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00004608 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00006656 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00110592 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00081920 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00004608 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00094208 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00013312 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00014336 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00008192 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00010752 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00013824 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00011776 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00009216 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00015872 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00013312 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00019456 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00012288 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00009216 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00067072 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00438648 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00007680 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00385024 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00037376 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00008192 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00036864 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2013-08-22 20:28 - 2013-08-22 20:28 - 15909376 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\f667ef84c6cbf994068667e5ad0e0115\PresentationCore.ni.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 24411648 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\d7c8d42f4a18a45fe53870db95360cc4\PresentationFramework.ni.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 01443328 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2013-08-22 20:27 - 2013-08-22 20:27 - 02475520 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\97b58d8732145eb6a771324da836f0f0\System.Xaml.ni.dll
2013-07-23 13:35 - 2013-07-23 13:35 - 02154656 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
2010-03-18 14:27 - 2010-03-18 14:27 - 01098096 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00413696 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00175616 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2012-05-04 16:42 - 2012-05-04 16:42 - 00098304 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00035840 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Shared.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00545792 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00342528 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00008704 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.A4.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00176128 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 01097728 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00028672 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00057344 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 01416192 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00627712 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00369664 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00393216 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 02498560 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00217088 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00021504 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00101888 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00008704 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00008192 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00008704 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00384512 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.de_Localization.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00311296 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2013-03-29 04:37 - 2013-03-29 04:37 - 00112440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2013-03-29 04:36 - 2013-03-29 04:36 - 06985624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2013-03-29 04:36 - 2013-03-29 04:36 - 05000320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 00622592 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\5516952f66f039d116ca43e31ad8e423\PresentationFramework.Aero.ni.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00267648 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\PresentationFramework.resources\v4.0_4.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00230240 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.resources.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00061952 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 01351680 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2013-03-28 22:12 - 2013-03-28 22:12 - 00490496 _____ (Microsoft) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Microsoft.WindowsAPICodePack.Shell.dll
2013-03-28 22:12 - 2013-03-28 22:12 - 00083456 _____ (Microsoft) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Microsoft.WindowsAPICodePack.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00110960 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\PresentationCore.resources\v4.0_4.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
2013-08-22 20:34 - 2013-08-22 20:34 - 00337408 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\2e49157228533dff5a0e96fdd8f29317\WindowsFormsIntegration.ni.dll
2013-08-22 20:30 - 2013-08-22 20:30 - 00122368 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\5e25c6e63fe9de2f9f8056c9275a363e\UIAutomationProvider.ni.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
2013-07-17 16:23 - 2013-05-09 10:58 - 00133840 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashShA64.dll
2009-07-14 01:36 - 2009-07-14 03:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\sdautoplay.dll
2012-05-09 16:17 - 2012-05-09 16:17 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\SPP.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\VSSAPI.DLL
2009-07-14 01:36 - 2009-07-14 03:41 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\VssTrace.DLL
2010-11-21 05:25 - 2010-11-21 05:25 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2012-05-09 16:50 - 2012-05-09 16:50 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 4095.24 MB
Available physical RAM: 2831.63 MB
Total Pagefile: 8188.67 MB
Available Pagefile: 6620.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Windows 7) (Fixed) (Total:44.58 GB) (Free:2 GB) NTFS
Drive d: (Speicher) (Fixed) (Total:298.34 GB) (Free:280.66 GB) NTFS
Drive e: (Spiele) (Fixed) (Total:122.74 GB) (Free:53.75 GB) NTFS
Drive g: (INTENSO) (Removable) (Total:3.61 GB) (Free:2.71 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E7C775AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=45 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=123 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=06)
==================== End Of Log ============================
|
So funktioniert es:
+ R Taste und schreibe notepad in das Ausführen Fenster.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
FRST 32-Bit | FRST 64-Bit
SecurityCheck und:
