Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 29.08.2013, 17:37   #1
Aneliera
 
Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



ich habe beim booten von windows ein weißes fenster und im Tasgmanager den Polizeihinweis- hintergrund. ich habe alle schritte bereits durchgearbeitet und würde nun gern meinen logfile posten

Alt 29.08.2013, 17:54   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



hi,


dann poste mal

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 29.08.2013, 18:32   #3
Aneliera
 
Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by SYSTEM on 29-08-2013 18:14:04
Running from H:\
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] - "E:\Office\Office12\GrooveMonitor.exe" [x]
HKU\Pc\...\Run: [Steam] - "E:\Steam\Steam.exe" -silent [x]
HKU\Pc\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKU\Pc\...\Winlogon: [Shell] explorer.exe,C:\Users\Pc\AppData\Roaming\cache.dat [117760 2013-07-08] () <==== ATTENTION 
AppInit_DLLs-x32: c:\progra~2\savesh~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll [1050112 2013-01-24] ()

==================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-06] (BitRaider, LLC)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
S2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [303680 2013-08-22] (Wsys Co., Ltd.)
S3 Microsoft Office Groove Audit Service; E:\Office\Office12\GrooveAuditService.exe [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-17] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-17] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-17] ()
S1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
S1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [x]
S3 BSMI; \??\C:\Program Files (x86)\Tseries BIOS Update\BSMIx64.sys [x]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys FEF046400B75C4495AEC3D8A8CCE6014
C:\Windows\System32\drivers\ACPI.sys F84676C7D6684E86D3F05B2C5E9019B1
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 79CC9BE187E3144E1B58A54B842475E7
C:\Windows\System32\DRIVERS\atikmpag.sys 07561D3B7FD99F6E186C49C2D0628E38
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys FE1C253B40DF210E1CC29EE5A3DB53E6
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\Drivers\aswFsBlk.sys 0BAEFD3F648C6E7AB52990DD9565E4E2
C:\Windows\system32\drivers\aswMonFlt.sys FA562F34ED6633C66170B09182B4C049
C:\Windows\System32\Drivers\aswrdr2.sys 64E2BAB4096C13D2342BC4661C967E07
C:\Windows\System32\Drivers\aswRvrt.sys 5573AA70993A2BB81525B1C704B88763
C:\Windows\System32\Drivers\aswSnx.sys 8C0800CDB501CFC1164B286A0478DC10
C:\Windows\System32\Drivers\aswSP.sys 3815DB16CDA62190F5C0A65118F3D714
C:\Windows\System32\Drivers\aswTdi.sys 29DD8E458A84171202AA4979364C30C0
C:\Windows\System32\Drivers\aswVmm.sys 22F521108881DC59837F6FC614E0568F
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys ED3A041014FBBFDC23D6C04F9C7A5D79
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BSMEM.sys 49FE3D1F3D5C2E50A0DF0F6E8436D778
C:\Windows\system32\drivers\BSMEM.sys 49FE3D1F3D5C2E50A0DF0F6E8436D778
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys D50B14C87DDD0068BFF6F103A7A0FFEE
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys DE76D8886D588D76D2FF1142BFD733C6
C:\Windows\System32\Drivers\dfsc.sys 9FCDC4EEBCE39173122F9FEE53A054FC
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys FEC8B6CFA1813471ED30D88233EFA10F
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys FDF5EAD19FD8B2D0C50A9CCDD7836F9E
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys 8774FA7B32947E08F926099D2221D625
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys ==> MD5 is legit
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys 3CB3DBEECB9672698B5C1A6EAB2940B0
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 93BAB494589382B1D54FCF125CEAB49D
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys 3985332405FA64D8E679A1DB24901596
C:\Windows\System32\Drivers\ksecdd.sys E2A74E21F4362A36C5610CAE4FA0B3F7
C:\Windows\System32\Drivers\ksecpkg.sys 2D466699839F92FD5B5BFF734A391291
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys BFFB0C93D9FB43CA42EF11C9240BFF7F
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys B3F55C20008956239A2190DBD7CC4C31
C:\Windows\system32\drivers\mpio.sys 3253A370ED4BB3D651785585301B332D
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys DC65ADF532B7CD3622AE47CE29C052E0
C:\Windows\System32\DRIVERS\mrxsmb.sys 73F488BC627CB0AC91840AA9FAC30104
C:\Windows\System32\DRIVERS\mrxsmb10.sys 311B774EC01B8BE17C9508049EA77875
C:\Windows\System32\DRIVERS\mrxsmb20.sys E4488209DEA21A52AFE086D939D138F1
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys 4F42C9CE2BD3444B1B98593A2DFBC547
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys 4948435B96A6FA63914DA3B4090E6700
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys 6785ECF9AB0549364B12D2F80ABF507B
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys 436EE51D8F206B79DF7B9CBB057299C0
C:\Windows\System32\Drivers\Ntfs.sys A6AE4551BF8EED09FA3B6FCDF472F3E1
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys 977D0720B9E15C2C9BF6050BCA52C1A7
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys D8874711B6C3DD308F84E42BA6EFF179
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys 77682DE44B334E6AAFCD0ED61FB7404F
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys 70DB12930F84CF947BDAA32B83978393
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys 9E53D41BD99BEB981180978C4AE0BDEB
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys A115F49BEA840A5F049BC6310F35F776
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys ABCB5A38A0D85BDF69B7877E1AD1EED5
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys CDF622EFC748F82EA9571138406871EA
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys C3D57658C34C68DB5D8970A1CF96284E
C:\Windows\system32\drivers\sffp_mmc.sys 21EACBEFFFB0FB4999D3D10245CF10A5
C:\Windows\system32\drivers\sffp_sd.sys AF660EA3039E8FE3C2051D7224C82F34
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 218F6F1BD7ED3F2167759E6A9C9DDD53
C:\Windows\System32\DRIVERS\srv2.sys B4068F3DF10D87FF1E935C5E53A5E0E9
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys B27F13153343BC37A27EAE01634D94E1
C:\Windows\System32\DRIVERS\tcpip.sys B27F13153343BC37A27EAE01634D94E1
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys 1288D7F75DD594D270324ABE877830E6
C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys 5AF0E7D020F6CA55AC57CD89AE089673
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys 7397C449E1C74AC9F41A9004BCAD6CB0
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys ADC6BDFDF282B283BCD33C3322AC8008
C:\Windows\System32\DRIVERS\usbccgp.sys 2B26FCB7C634C49313FD72120FB9946E
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys AA68C758B3F225618A5FD1ED40C383C4
C:\Windows\System32\DRIVERS\usbhub.sys 66E1EF753543785D7E2C44719B2C5DAD
C:\Windows\system32\drivers\usbohci.sys B26ACA4784AD1295C25A7501FD4AB79E
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS 73B84C8CE467E81A94D4194F8009F2A0
C:\Windows\System32\DRIVERS\usbuhci.sys 35944CFF264134FFD2E7EED0F8B81A56
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys 2E9907E787CDAFA2AAA7F928853B7142
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys 80E731A278695B47345D0171A19E428B
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys 7643697199083A8517D44E3F5FCD2D90
C:\Windows\System32\drivers\volmgrx.sys 0904EF550B3D3FEB326638A4BAD9937E
C:\Windows\System32\drivers\volsnap.sys ABFECA99D72CE81E5C3612861F03B0CA
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys 226028D956C43CE4D8DDFFA89873E890
C:\Windows\System32\DRIVERS\wanarp.sys 226028D956C43CE4D8DDFFA89873E890
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys B1FC27C1066B74839E61CB73FF7E0378
C:\Windows\System32\DRIVERS\wfplwf.sys 009604986BAE004733728282BD98BB03
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 04F908311A08F1196C1D37BFCF5E688F
C:\Windows\System32\DRIVERS\WUDFRd.sys B310186EBCCD4BC4A3BDD12676E2A4F9
C:\Windows\System32\DRIVERS\xusb21.sys 2EE48CFCE7CA8E0DB4C44C7476C0943B

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-29 16:18 - 2013-08-29 16:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-26 17:15 - 2013-08-26 17:15 - 00003240 ____N C:\bootsqm.dat
2013-08-26 11:31 - 2013-08-29 16:28 - 00000004 _____ C:\Users\Pc\AppData\Roaming\cache.ini
2013-08-26 11:25 - 2013-08-26 11:26 - 00057182 _____ C:\Users\Pc\Downloads\video.hd.zip
2013-08-25 16:09 - 2013-08-25 16:09 - 03249480 _____ (Unity Technologies ApS) C:\Users\Pc\Downloads\UnityWebPlayer(1).exe
2013-08-25 16:07 - 2013-08-26 11:13 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 16:07 - 2013-08-25 16:07 - 03249480 _____ (Unity Technologies ApS) C:\Users\Pc\Downloads\UnityWebPlayer.exe
2013-08-25 10:29 - 2013-08-25 14:39 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 10:28 - 2013-08-25 10:28 - 00438096 _____ ( gamigo AG) C:\Users\Pc\Downloads\KingofKings3Downloader.exe
2013-08-25 07:35 - 2013-08-25 08:03 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 07:35 - 2013-08-25 07:43 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-25 07:35 - 2013-08-25 07:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-25 07:34 - 2013-08-25 08:04 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-24 12:37 - 2013-08-24 12:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 12:36 - 2013-08-24 12:36 - 00000000 ____D C:\Users\Pc\Desktop\Video
2013-08-24 05:56 - 2013-08-24 05:56 - 00000000 ____D C:\Windows\System32\appmgmt
2013-08-23 18:34 - 2013-08-25 08:11 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-23 18:27 - 2013-08-23 18:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 18:27 - 2013-08-23 18:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 18:27 - 2013-08-23 18:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-23 14:45 - 2013-08-23 14:45 - 00000000 _____ C:\end
2013-08-22 20:33 - 2013-08-29 15:46 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-22 20:33 - 2013-08-23 15:36 - 00000000 ____D C:\Users\Pc\AppData\Roaming\WinZipper
2013-08-22 15:45 - 2013-08-22 15:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 15:45 - 2013-08-22 15:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 14:51 - 2013-08-22 14:51 - 00000000 ____D C:\Users\Pc\Desktop\Alte Firefox-Daten
2013-08-22 14:45 - 2013-08-29 15:46 - 00000000 ____D C:\ProgramData\eSafe
2013-08-22 14:45 - 2013-08-25 18:45 - 00000278 _____ C:\Windows\Tasks\Dealply.job
2013-08-22 14:45 - 2013-08-24 06:50 - 00000000 ____D C:\Program Files (x86)\DealPlyLive
2013-08-22 14:45 - 2013-08-24 05:57 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-22 14:45 - 2013-08-22 14:45 - 00003206 _____ C:\Windows\System32\Tasks\Dealply
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DSite
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Dealply
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\Users\Pc\AppData\Local\DealPlyLive
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\User Data
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-08-18 20:33 - 2013-08-18 20:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 20:24 - 2013-08-18 20:33 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 20:24 - 2013-08-18 20:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 20:23 - 2013-08-23 18:27 - 00000000 ____D C:\Users\Pc\AppData\Roaming\OpenCandy
2013-08-18 20:23 - 2013-08-18 20:33 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 19:45 - 2013-08-18 19:57 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 19:31 - 2013-08-18 19:41 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-17 15:30 - 2013-08-17 21:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 15:25 - 2013-08-17 15:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 15:22 - 2013-08-18 21:15 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-17 15:06 - 2013-08-17 15:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 07:55 - 2013-08-17 12:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 10:11 - 2013-08-15 10:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 10:06 - 2013-08-15 10:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-15 10:04 - 2013-08-15 10:05 - 00017361 _____ C:\Windows\DirectX.log
2013-08-14 14:33 - 2013-07-26 06:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-14 14:33 - 2013-07-26 06:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-14 14:33 - 2013-07-26 06:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-14 14:33 - 2013-07-26 06:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-14 14:33 - 2013-07-26 04:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-14 14:33 - 2013-07-26 04:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 14:33 - 2013-07-26 04:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 14:33 - 2013-07-26 04:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 14:33 - 2013-07-26 04:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 14:33 - 2013-07-26 03:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 14:33 - 2013-07-26 03:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-14 14:33 - 2013-07-26 02:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 14:17 - 2013-08-18 11:58 - 00000000 ____D C:\ProgramData\savenshaarrea
2013-08-14 14:12 - 2013-08-14 14:19 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-08-14 14:11 - 2013-08-18 11:58 - 00000000 ____D C:\ProgramData\saveNshaRRe
2013-08-14 14:11 - 2013-08-14 14:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-14 14:11 - 2013-08-14 14:11 - 00000000 ____D C:\ProgramData\BetterSoft
2013-08-14 12:44 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-14 12:44 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 12:44 - 2013-07-19 02:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-14 12:44 - 2013-07-19 02:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 12:44 - 2013-07-09 15:51 - 01216000 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-14 12:44 - 2013-07-09 15:51 - 00189440 _____ (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2013-08-14 12:44 - 2013-07-09 15:47 - 01472000 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-14 12:44 - 2013-07-09 15:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-14 12:44 - 2013-07-09 15:47 - 00141824 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-14 12:44 - 2013-07-09 15:02 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 12:44 - 2013-07-09 15:01 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2013-08-14 12:44 - 2013-07-09 14:57 - 01167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 12:44 - 2013-07-09 14:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 12:44 - 2013-07-09 14:57 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 12:44 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-14 12:44 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 12:44 - 2013-07-08 06:22 - 05554624 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-14 12:44 - 2013-07-08 06:20 - 01737688 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-14 12:44 - 2013-07-08 06:18 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-08-14 12:44 - 2013-07-08 06:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-08-14 12:44 - 2013-07-08 06:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-08-14 12:44 - 2013-07-08 06:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-08-14 12:44 - 2013-07-08 06:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-08-14 12:44 - 2013-07-08 06:14 - 01162240 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-08-14 12:44 - 2013-07-08 06:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-08-14 12:44 - 2013-07-08 06:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00058368 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:08 - 03973056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 12:44 - 2013-07-08 06:08 - 03918272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 12:44 - 2013-07-08 06:06 - 01296312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 12:44 - 2013-07-08 06:06 - 00117760 _____ C:\Users\Pc\AppData\Roaming\cache.dat
2013-08-14 12:44 - 2013-07-08 06:05 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-14 12:44 - 2013-07-08 06:05 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-14 12:44 - 2013-07-08 06:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 04:31 - 00148480 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe
2013-08-14 12:44 - 2013-07-08 04:31 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2013-08-14 12:44 - 2013-07-08 04:31 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe
2013-08-14 12:44 - 2013-07-08 04:12 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-08-14 12:44 - 2013-07-08 04:07 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 12:44 - 2013-07-08 04:07 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 12:44 - 2013-07-08 04:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 12:44 - 2013-07-08 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 12:44 - 2013-07-08 04:02 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 04:02 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 04:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 04:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 03:50 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-08-14 12:44 - 2013-07-06 06:20 - 01900992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-14 12:44 - 2013-07-06 06:20 - 00376768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-08-14 12:44 - 2013-07-06 06:20 - 00288192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-08-14 12:44 - 2013-06-15 05:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-10 22:28 - 2013-08-26 11:34 - 00014728 _____ C:\Windows\PFRO.log
2013-08-10 16:17 - 2013-08-10 16:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 16:16 - 2013-08-10 16:16 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Babylon
2013-08-10 16:16 - 2013-08-10 16:16 - 00000000 ____D C:\ProgramData\Babylon
2013-08-10 14:29 - 2013-08-10 14:29 - 00000000 ____D C:\ProgramData\StarApp
2013-08-10 14:28 - 2013-08-29 16:24 - 00000410 ____H C:\Windows\Tasks\schedule!3036567561.job
2013-08-10 14:28 - 2013-08-14 14:11 - 00002704 _____ C:\Windows\System32\Tasks\schedule!3036567561
2013-08-10 14:27 - 2013-08-14 14:20 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-08-10 14:27 - 2013-08-14 14:19 - 00000000 ____D C:\Program Files (x86)\SaveShare
2013-08-10 14:25 - 2013-08-14 14:19 - 00000000 ____D C:\ProgramData\InstallMate
2013-08-10 09:05 - 2013-08-10 09:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-10 09:04 - 2013-08-10 09:05 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-09 16:25 - 2013-08-09 16:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-09 15:18 - 2013-08-29 16:24 - 00004652 _____ C:\Windows\setupact.log
2013-08-09 15:18 - 2013-08-09 15:18 - 00000000 _____ C:\Windows\setuperr.log
2013-08-07 18:23 - 2013-08-07 18:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-07 18:23 - 2013-07-09 01:47 - 00575029 _____ C:\Users\Pc\Desktop\left4uncut.exe
2013-08-06 21:06 - 2013-08-10 09:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-06 21:06 - 2013-08-06 21:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 21:05 - 2013-08-06 21:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 20:56 - 2013-08-06 20:57 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 20:56 - 2013-08-06 20:56 - 00000000 ____D C:\users\hedev
2013-08-06 18:42 - 2013-08-06 21:20 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 18:42 - 2013-08-06 18:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 18:42 - 2013-08-06 18:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-06 18:39 - 2013-08-16 07:59 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-04 19:26 - 2013-08-04 19:26 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-07-31 05:59 - 2010-06-02 03:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2013-07-31 05:59 - 2010-06-02 03:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2013-07-31 05:59 - 2010-06-02 03:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2013-07-31 05:59 - 2010-05-26 10:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2013-07-31 05:59 - 2010-05-26 10:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2013-07-31 05:59 - 2010-05-26 10:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2013-07-31 05:59 - 2010-05-26 10:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2013-07-31 05:59 - 2010-05-26 10:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2013-07-31 05:59 - 2010-02-04 09:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2013-07-31 05:59 - 2010-02-04 09:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-07-31 05:59 - 2010-02-04 09:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-07-31 05:59 - 2010-02-04 09:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2013-07-31 05:59 - 2010-02-04 09:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2013-07-31 05:59 - 2010-02-04 09:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-07-31 05:59 - 2010-02-04 09:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2013-07-31 05:59 - 2010-02-04 09:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-07-31 05:59 - 2009-09-04 16:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2013-07-31 05:59 - 2009-09-04 16:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-07-31 05:59 - 2009-09-04 16:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-07-31 05:59 - 2009-09-04 16:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2013-07-31 05:59 - 2009-09-04 16:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2013-07-31 05:59 - 2009-09-04 16:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-07-31 05:59 - 2009-09-04 16:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2013-07-31 05:59 - 2009-09-04 16:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-07-31 05:59 - 2009-09-04 16:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2013-07-31 05:59 - 2009-09-04 16:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2013-07-31 05:59 - 2009-09-04 16:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-31 05:59 - 2009-09-04 16:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2013-07-31 05:59 - 2009-09-04 16:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2013-07-31 05:59 - 2009-09-04 16:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-07-31 05:59 - 2008-10-27 09:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2013-07-31 05:59 - 2008-10-27 09:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-07-31 05:59 - 2008-10-27 09:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-07-31 05:59 - 2008-10-27 09:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2013-07-31 05:59 - 2008-10-27 09:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2013-07-31 05:59 - 2008-10-27 09:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-07-31 05:59 - 2008-10-27 09:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2013-07-31 05:59 - 2008-10-27 09:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-07-31 05:59 - 2008-07-31 09:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-07-31 05:59 - 2008-07-31 09:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2013-07-31 05:59 - 2008-07-31 09:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2013-07-31 05:59 - 2008-07-31 09:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-07-31 05:59 - 2008-07-31 09:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2013-07-31 05:59 - 2008-07-31 09:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-07-31 05:44 - 2013-07-31 05:44 - 00000000 ____D C:\Users\Pc\AppData\Roaming\SOAGames
2013-07-30 18:17 - 2013-07-30 18:17 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Day 1 Studios
2013-07-30 17:16 - 2010-06-02 03:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-07-30 17:16 - 2010-06-02 03:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-07-30 17:16 - 2010-06-02 03:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-07-30 17:16 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-07-30 17:16 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-07-30 17:16 - 2010-05-26 10:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-07-30 17:16 - 2010-05-26 10:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-07-30 17:16 - 2010-05-26 10:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-07-30 17:16 - 2009-09-04 16:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-07-30 14:23 - 2013-08-25 15:36 - 00000000 ____D C:\Users\Pc\Documents\Euro Truck Simulator 2
2013-07-30 09:20 - 2013-07-30 09:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-07-30 08:56 - 2013-07-30 08:56 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2013-07-30 06:43 - 2013-08-29 16:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-30 06:43 - 2013-07-30 07:13 - 00002055 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-07-30 06:43 - 2013-07-30 07:13 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-07-30 06:43 - 2013-07-30 06:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-30 06:43 - 2013-07-30 06:43 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Macromedia
2013-07-30 06:43 - 2013-07-30 06:43 - 00000000 ____D C:\Users\Pc\AppData\Local\Macromedia
2013-07-30 06:43 - 2013-07-30 06:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-07-30 06:43 - 2013-07-30 06:43 - 00000000 ____D C:\ProgramData\McAfee

==================== One Month Modified Files and Folders =======

2013-08-29 18:13 - 2013-08-29 18:13 - 00000000 ____D C:\FRST
2013-08-29 16:28 - 2013-08-26 11:31 - 00000004 _____ C:\Users\Pc\AppData\Roaming\cache.ini
2013-08-29 16:28 - 2013-07-17 00:27 - 01599885 _____ C:\Windows\WindowsUpdate.log
2013-08-29 16:28 - 2009-07-14 05:45 - 00021088 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 16:28 - 2009-07-14 05:45 - 00021088 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-29 16:26 - 2013-07-29 19:50 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Skype
2013-08-29 16:24 - 2013-08-10 14:28 - 00000410 ____H C:\Windows\Tasks\schedule!3036567561.job
2013-08-29 16:24 - 2013-08-09 15:18 - 00004652 _____ C:\Windows\setupact.log
2013-08-29 16:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-29 16:23 - 2013-07-30 06:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-29 16:18 - 2013-08-29 16:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-29 16:18 - 2013-07-17 15:24 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-29 16:18 - 2013-07-17 15:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-29 15:46 - 2013-08-22 20:33 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-29 15:46 - 2013-08-22 14:45 - 00000000 ____D C:\ProgramData\eSafe
2013-08-26 17:15 - 2013-08-26 17:15 - 00003240 ____N C:\bootsqm.dat
2013-08-26 11:34 - 2013-08-10 22:28 - 00014728 _____ C:\Windows\PFRO.log
2013-08-26 11:26 - 2013-08-26 11:25 - 00057182 _____ C:\Users\Pc\Downloads\video.hd.zip
2013-08-26 11:13 - 2013-08-25 16:07 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 18:45 - 2013-08-22 14:45 - 00000278 _____ C:\Windows\Tasks\Dealply.job
2013-08-25 16:09 - 2013-08-25 16:09 - 03249480 _____ (Unity Technologies ApS) C:\Users\Pc\Downloads\UnityWebPlayer(1).exe
2013-08-25 16:07 - 2013-08-25 16:07 - 03249480 _____ (Unity Technologies ApS) C:\Users\Pc\Downloads\UnityWebPlayer.exe
2013-08-25 15:36 - 2013-07-30 14:23 - 00000000 ____D C:\Users\Pc\Documents\Euro Truck Simulator 2
2013-08-25 14:39 - 2013-08-25 10:29 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 10:28 - 2013-08-25 10:28 - 00438096 _____ ( gamigo AG) C:\Users\Pc\Downloads\KingofKings3Downloader.exe
2013-08-25 08:11 - 2013-08-23 18:34 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-25 08:04 - 2013-08-25 07:34 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-25 08:03 - 2013-08-25 07:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 07:43 - 2013-08-25 07:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-25 07:35 - 2013-08-25 07:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-24 12:40 - 2011-04-12 08:43 - 00696832 _____ C:\Windows\System32\perfh007.dat
2013-08-24 12:40 - 2011-04-12 08:43 - 00148128 _____ C:\Windows\System32\perfc007.dat
2013-08-24 12:40 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-24 12:37 - 2013-08-24 12:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 12:36 - 2013-08-24 12:36 - 00000000 ____D C:\Users\Pc\Desktop\Video
2013-08-24 06:50 - 2013-08-22 14:45 - 00000000 ____D C:\Program Files (x86)\DealPlyLive
2013-08-24 05:57 - 2013-08-22 14:45 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-24 05:56 - 2013-08-24 05:56 - 00000000 ____D C:\Windows\System32\appmgmt
2013-08-23 18:27 - 2013-08-23 18:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 18:27 - 2013-08-23 18:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 18:27 - 2013-08-23 18:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-23 18:27 - 2013-08-18 20:23 - 00000000 ____D C:\Users\Pc\AppData\Roaming\OpenCandy
2013-08-23 15:36 - 2013-08-22 20:33 - 00000000 ____D C:\Users\Pc\AppData\Roaming\WinZipper
2013-08-23 14:45 - 2013-08-23 14:45 - 00000000 _____ C:\end
2013-08-22 20:33 - 2011-02-19 22:03 - 00421032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-08-22 20:33 - 2011-02-18 23:40 - 00773800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-22 15:45 - 2013-08-22 15:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 15:45 - 2013-08-22 15:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 14:51 - 2013-08-22 14:51 - 00000000 ____D C:\Users\Pc\Desktop\Alte Firefox-Daten
2013-08-22 14:45 - 2013-08-22 14:45 - 00003206 _____ C:\Windows\System32\Tasks\Dealply
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DSite
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Dealply
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\Users\Pc\AppData\Local\DealPlyLive
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\User Data
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-08-18 21:15 - 2013-08-17 15:22 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-18 20:33 - 2013-08-18 20:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 20:33 - 2013-08-18 20:24 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 20:33 - 2013-08-18 20:23 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 20:24 - 2013-08-18 20:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 19:57 - 2013-08-18 19:45 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 19:41 - 2013-08-18 19:31 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-18 11:58 - 2013-08-14 14:17 - 00000000 ____D C:\ProgramData\savenshaarrea
2013-08-18 11:58 - 2013-08-14 14:11 - 00000000 ____D C:\ProgramData\saveNshaRRe
2013-08-18 08:13 - 2013-07-22 06:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 21:42 - 2013-08-17 15:30 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 15:37 - 2013-07-18 21:42 - 00000000 ____D C:\Users\Pc\Documents\My Games
2013-08-17 15:25 - 2013-08-17 15:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 15:06 - 2013-08-17 15:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 12:52 - 2013-08-17 07:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 07:59 - 2013-08-06 18:39 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-16 07:59 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-15 10:11 - 2013-08-15 10:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 10:06 - 2013-08-15 10:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-15 10:05 - 2013-08-15 10:04 - 00017361 _____ C:\Windows\DirectX.log
2013-08-14 14:55 - 2013-07-17 01:23 - 00000000 ____D C:\Windows\Panther
2013-08-14 14:27 - 2013-07-18 22:16 - 00000000 ____D C:\Windows\System32\MRT
2013-08-14 14:25 - 2013-07-17 01:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-08-14 14:20 - 2013-08-10 14:27 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-08-14 14:19 - 2013-08-14 14:12 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-08-14 14:19 - 2013-08-10 14:27 - 00000000 ____D C:\Program Files (x86)\SaveShare
2013-08-14 14:19 - 2013-08-10 14:25 - 00000000 ____D C:\ProgramData\InstallMate
2013-08-14 14:11 - 2013-08-14 14:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-14 14:11 - 2013-08-14 14:11 - 00000000 ____D C:\ProgramData\BetterSoft
2013-08-14 14:11 - 2013-08-10 14:28 - 00002704 _____ C:\Windows\System32\Tasks\schedule!3036567561
2013-08-10 16:17 - 2013-08-10 16:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 16:17 - 2013-07-17 00:33 - 00000000 ____D C:\users\Pc
2013-08-10 16:16 - 2013-08-10 16:16 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Babylon
2013-08-10 16:16 - 2013-08-10 16:16 - 00000000 ____D C:\ProgramData\Babylon
2013-08-10 14:29 - 2013-08-10 14:29 - 00000000 ____D C:\ProgramData\StarApp
2013-08-10 09:06 - 2013-08-06 21:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-10 09:05 - 2013-08-10 09:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-10 09:05 - 2013-08-10 09:04 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-09 16:25 - 2013-08-09 16:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-09 15:18 - 2013-08-09 15:18 - 00000000 _____ C:\Windows\setuperr.log
2013-08-07 18:23 - 2013-08-07 18:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-06 21:44 - 2013-07-17 15:26 - 00000000 ____D C:\Program Files\CCleaner
2013-08-06 21:20 - 2013-08-06 18:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 21:06 - 2013-08-06 21:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 21:05 - 2013-08-06 21:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 20:57 - 2013-08-06 20:56 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 20:56 - 2013-08-06 20:56 - 00000000 ____D C:\users\hedev
2013-08-06 18:42 - 2013-08-06 18:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 18:42 - 2013-08-06 18:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-04 19:26 - 2013-08-04 19:26 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-07-31 05:44 - 2013-07-31 05:44 - 00000000 ____D C:\Users\Pc\AppData\Roaming\SOAGames
2013-07-30 18:17 - 2013-07-30 18:17 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Day 1 Studios
2013-07-30 14:22 - 2013-07-18 21:40 - 00000000 ____D C:\Users\Pc\AppData\Roaming\WinRAR
2013-07-30 09:20 - 2013-07-30 09:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-07-30 08:56 - 2013-07-30 08:56 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2013-07-30 07:13 - 2013-07-30 06:43 - 00002055 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-07-30 07:13 - 2013-07-30 06:43 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-07-30 06:45 - 2013-07-30 06:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-30 06:45 - 2013-07-18 21:41 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-30 06:45 - 2013-07-17 15:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-30 06:45 - 2013-07-17 15:22 - 00000000 ____D C:\Users\Pc\AppData\Local\Adobe
2013-07-30 06:43 - 2013-07-30 06:43 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Macromedia
2013-07-30 06:43 - 2013-07-30 06:43 - 00000000 ____D C:\Users\Pc\AppData\Local\Macromedia
2013-07-30 06:43 - 2013-07-30 06:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-07-30 06:43 - 2013-07-30 06:43 - 00000000 ____D C:\ProgramData\McAfee
2013-07-30 06:35 - 2013-07-17 23:44 - 00003126 _____ C:\Windows\System32\Tasks\FRAPS
2013-07-30 06:33 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Files to move or delete:
====================
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\Setup.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\VisualCRT\vc2008redist_x86.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DSETUP.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\dsetup32.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DXSETUP.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\data\Star Wars - The Old Republic Uninstaller.exe
C:\Users\Pc\AppData\Roaming\cache.dat
C:\Users\Pc\AppData\Roaming\cache.ini
C:\Users\Pc\AppData\Local\Temp\FreemakeVideoDownloader_3.5.3.3.exe
C:\Users\Pc\AppData\Local\Temp\Tsu5B14192F.dll
C:\Users\Pc\AppData\Local\Temp\TsuDB9AE859.dll
C:\Users\Pc\AppData\Local\Temp\{F432FB64-5DA6-4811-AAFA-15842FD1D992}\Custom.dll
C:\Users\Pc\AppData\Local\Temp\{F432FB64-5DA6-4811-AAFA-15842FD1D992}\Setup.exe
C:\Users\Pc\AppData\Local\Temp\{F432FB64-5DA6-4811-AAFA-15842FD1D992}\_Setup.dll
C:\Users\Pc\AppData\Local\Temp\{0382C834-C502-46DF-A434-8D20D861EAC2}\Custom.dll
C:\Users\Pc\AppData\Local\Temp\{0382C834-C502-46DF-A434-8D20D861EAC2}\Setup.exe
C:\Users\Pc\AppData\Local\Temp\{0382C834-C502-46DF-A434-8D20D861EAC2}\_Setup.dll
C:\Users\Pc\AppData\Local\Temp\WzEF5B5.tmp\video.hd.exe
C:\Users\Pc\AppData\Local\Temp\WzED2DB.tmp\video.hd.exe
C:\Users\Pc\AppData\Local\Temp\WzEB1A7.tmp\Trainer Euro Truck Simulator 2 v 1.1.1 plus 3 by Grom-Skynet.exe
C:\Users\Pc\AppData\Local\Temp\WzE9E5D.tmp\Trainer Euro Truck Simulator 2 v 1.1.1 plus 3 by Grom-Skynet.exe
C:\Users\Pc\AppData\Local\Temp\WzE13AC.tmp\Trainer Euro Truck Simulator 2 v 1.1.1 plus 3 by Grom-Skynet.exe
C:\Users\Pc\AppData\Local\Temp\VSD5F81.tmp\setup-de.exe
C:\Users\Pc\AppData\Local\Temp\VSD5F81.tmp\vcredist_2008_x86\vcredist_x86.exe
C:\Users\Pc\AppData\Local\Temp\VSD5F81.tmp\DotNetFX40\dotNetFx40LP_Full_x86_x64de.exe
C:\Users\Pc\AppData\Local\Temp\VSD5F81.tmp\DotNetFX40\dotNetFx40_Full_x86_x64.exe
C:\Users\Pc\AppData\Local\Temp\UnityWebPlayer\UnityWebPlayerUpdate.exe
C:\Users\Pc\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
C:\Users\Pc\AppData\Local\Temp\OCS\ocs_v7f.exe
C:\Users\Pc\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\f8d689b190207dc8cc11c65a624c9879\CheatEngine62.exe
C:\Users\Pc\AppData\Local\Temp\nss4E8D.tmp\nsJSON.dll
C:\Users\Pc\AppData\Local\Temp\eIntaller\CE1523132DDD427f88A13FD5E159B0E8\eGdpSvc.exe
C:\Users\Pc\AppData\Local\Temp\eIntaller\CE1523132DDD427f88A13FD5E159B0E8\eXQ.exe
C:\Users\Pc\AppData\Local\Temp\eIntaller\00F838D6042347d59899FCCAB1ADEB64\eXQ.exe
C:\Users\Pc\AppData\Local\Temp\A191D543-BAB0-7891-A8F6-1BB149FB19D8\Latest\BExternal.dll
C:\Users\Pc\AppData\Local\Temp\A191D543-BAB0-7891-A8F6-1BB149FB19D8\Latest\IEHelper.dll
C:\Users\Pc\AppData\Local\Temp\A191D543-BAB0-7891-A8F6-1BB149FB19D8\Latest\sqlite3.dll
C:\Users\Pc\AppData\Local\Temp\687312.Uninstall\uninstaller.exe
C:\Users\Pc\AppData\Local\Temp\2123078.Uninstall\uninstaller.exe
C:\Users\Pc\AppData\Local\Temp\2117562.Uninstall\uninstaller.exe

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-05-09 16:14] - [2012-05-09 16:14] - 0391168 ____A (Microsoft Corporation) EC5BD25A41E9B633CB39120DBB0939DC

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-05-09 16:53] - [2012-05-09 16:53] - 2872320 ____A (Microsoft Corporation) A27FB0CA2971BEC02595902A9FD35D6D

C:\Windows\SysWOW64\explorer.exe
[2012-05-09 16:53] - [2012-05-09 16:53] - 2616320 ____A (Microsoft Corporation) 82B49E32080BF5C469BF877C473B15EB

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2012-05-09 16:23] - [2012-05-09 16:23] - 1008128 ____A (Microsoft Corporation) 7FB4D54B502C6CF2E35B8188FA4CC08C

C:\Windows\SysWOW64\User32.dll
[2012-05-09 16:23] - [2012-05-09 16:23] - 0833024 ____A (Microsoft Corporation) 9B836EE76E3A99052EF6DEA52B41D1BE

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-05-09 16:24] - [2012-05-09 16:24] - 0296816 ____A (Microsoft Corporation) ABFECA99D72CE81E5C3612861F03B0CA


==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {default}
resumeobject            {122eff48-ee77-11e2-a95d-a79839294330}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {122eff48-ee77-11e2-a95d-a79839294330}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  ramdisk=[C:]\Recovery\122eff4a-ee77-11e2-a95d-a79839294330\Winre.wim,{122eff4b-ee77-11e2-a95d-a79839294330}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\122eff4a-ee77-11e2-a95d-a79839294330\Winre.wim,{122eff4b-ee77-11e2-a95d-a79839294330}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {122eff48-ee77-11e2-a95d-a79839294330}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {122eff4b-ee77-11e2-a95d-a79839294330}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\122eff4a-ee77-11e2-a95d-a79839294330\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 13%
Total physical RAM: 4095.24 MB
Available physical RAM: 3545.4 MB
Total Pagefile: 4093.44 MB
Available Pagefile: 3530.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:44.58 GB) (Free:1.8 GB) NTFS
Drive e: (Speicher) (Fixed) (Total:298.34 GB) (Free:288.11 GB) NTFS
Drive f: (Spiele) (Fixed) (Total:122.74 GB) (Free:53.75 GB) NTFS
Drive h: (INTENSO) (Removable) (Total:3.61 GB) (Free:2.72 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E7C775AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=45 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=123 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=06)


LastRegBack: 2013-08-24 06:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---


hi schrauber,

wie geht es dann weiter?

gruß aneliera
__________________

Alt 30.08.2013, 07:15   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\Pc\...\Winlogon: [Shell] explorer.exe,C:\Users\Pc\AppData\Roaming\cache.dat [117760 2013-07-08] () <==== ATTENTION 
C:\Users\Pc\AppData\Roaming\cache.dat
C:\Users\Pc\AppData\Roaming\cache.ini
         
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.


Rechner normal starten
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.08.2013, 19:29   #5
Aneliera
 
Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-08-2013
Ran by SYSTEM at 2013-08-30 20:22:18 Run:1
Running from H:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
HKU\Pc\...\Winlogon: [Shell] explorer.exe,C:\Users\Pc\AppData\Roaming\cache.dat [117760 2013-07-08] () <==== ATTENTION 
C:\Users\Pc\AppData\Roaming\cache.dat
C:\Users\Pc\AppData\Roaming\cache.ini
*****************

HKU\Pc\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
C:\Users\Pc\AppData\Roaming\cache.dat => Moved successfully.
C:\Users\Pc\AppData\Roaming\cache.ini => Moved successfully.

==== End of Fixlog ====
         
vielel, vielen, lieben dank


Alt 31.08.2013, 10:43   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



Dann ab jetzt Kontrollscans im normalen Modus:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
--> Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten

Alt 31.08.2013, 12:48   #7
Aneliera
 
Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.31.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Pc :: PC-PC [Administrator]

Schutz: Aktiviert

31.08.2013 12:10:59
mbam-log-2013-08-31 (12-10-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 428654
Laufzeit: 42 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 2
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Esafe.A) -> 1144 -> Löschen bei Neustart.
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> 1968 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 28
HKCR\CLSID\{E8572D1D-25D8-6561-3E3F-D998E9A0F0AE} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8572D1D-25D8-6561-3E3F-D998E9A0F0AE} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8572D1D-25D8-6561-3E3F-D998E9A0F0AE} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8572D1D-25D8-6561-3E3F-D998E9A0F0AE} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{0499A913-506A-9F01-A9BE-C3ECEDFA9584} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0499A913-506A-9F01-A9BE-C3ECEDFA9584} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0499A913-506A-9F01-A9BE-C3ECEDFA9584} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0499A913-506A-9F01-A9BE-C3ECEDFA9584} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E87F3511-9587-7141-8D86-4FC403DA83A3} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87F3511-9587-7141-8D86-4FC403DA83A3} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87F3511-9587-7141-8D86-4FC403DA83A3} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87F3511-9587-7141-8D86-4FC403DA83A3} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5893F518-9984-CABD-81CF-5F739F1D7DD7} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D78F37F3-39F0-AB88-B70D-8205908ED9F6} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{712BD0D1-CF77-FE5B-C0D8-AE709D01B7A5} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.SilentInstall.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc (PUP.Optional.Esafe.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0Z1N1J -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc|ImagePath (PUP.Optional.Esafe.A) -> Daten: C:\ProgramData\eSafe\eGdpSvc.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bösartig: (c:\progra~2\savesh~1\sprote~1.dll) Gut: () -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bösartig: (c:\progra~2\websea~1\sprote~1.dll) Gut: () -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 17
C:\Users\Pc\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BetterSoft\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Löschen bei Neustart.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561 (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\10B8B2A652974DEB8CBB517F778E800C (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\B08D66AD1AAD4A8A8917EAB388BAB620 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\EF4833E6F0FB442DB212FE532220C845 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Local\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Local\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 37
C:\Program Files (x86)\SaveShare\sprotector.dll (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\WebSearch\sprotector.dll (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\savenshaarrea\520b83c1263a1.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\savenshaarrea\520b83479088f.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\saveNshaRRe\520b81d74144a.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\FRST\Quarantine\cache.dat (Trojan.FakeAlert.RRE) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{35F6E892-3301-4F90-AD7B-7B23EE15CA64}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{35F6E892-3301-4F90-AD7B-7B23EE15CA64}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{79FAFF69-6456-4564-A78F-2C74A219DD9F}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{79FAFF69-6456-4564-A78F-2C74A219DD9F}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{A4FD514D-7D93-4B7B-A990-35B17F1E73BB}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{A4FD514D-7D93-4B7B-A990-35B17F1E73BB}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\savenshaarrea\uninstall.exe (PUP.Optional.SilentInstall.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\saveNshaRRe\uninstall.exe (PUP.Optional.SilentInstall.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe (PUP.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\EF4833E6F0FB442DB212FE532220C845\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\Downloads\video.hd.zip (Trojan.FakeAlert.RRE) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files (x86)\SaveShare\sprotector.dll (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files (x86)\WebSearch\sprotector.dll (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Esafe.A) -> Löschen bei Neustart.
C:\Windows\Tasks\schedule!3036567561.job (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc\STTL.DAT (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\Dealply\UpdateProc\TTL.DAT (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Löschen bei Neustart.
C:\Users\Pc\AppData\Roaming\OpenCandy\10B8B2A652974DEB8CBB517F778E800C\Installer.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pc\AppData\Roaming\OpenCandy\B08D66AD1AAD4A8A8917EAB388BAB620\speedupmypcDE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Custom.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Readme.txt (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.dat (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.exe (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.ico (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Malware-Logfile

Code:
ATTFilter
# AdwCleaner v3.001 - Report created 31/08/2013 at 13:03:45
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Pc - PC-PC
# Running from : G:\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : winzipersvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\savenshaarrea
Folder Deleted : C:\ProgramData\saveNshaRRe
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\savenshaarrea
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveNshaRRe
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Users\Pc\AppData\Roaming\DSite
Folder Deleted : C:\Users\Pc\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\paigdpbplbcipjjimkahdflpecckmhip
Folder Deleted : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnbeicpllklbeeehbdebfkdndlgace
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
File Deleted : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\jsvdjfs6.default-1377179460559\searchplugins\Web Search.xml
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_703c874a
Key Deleted : HKLM\SOFTWARE\e28b8fb638ea15
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\Software\V9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v23.0.1 (de)

[ File : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\jsvdjfs6.default-1377179460559\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.order.1", "delta-homes");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=aeca5b68-2695-618a-1dec-95579543dcb2&searchtype=hp&fr=linkury-tb&installDate=23/08/2013&ty[...]
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", true);
Line Deleted : user_pref("extensions.helperbar.countryiso", "de");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "yahoooc");
Line Deleted : user_pref("extensions.helperbar.installationid", "aeca5b68-2695-618a-1dec-95579543dcb2");
Line Deleted : user_pref("extensions.helperbar.installdate", "23/08/2013");
Line Deleted : user_pref("extensions.helperbar.publisher", "yahoooc");
Line Deleted : user_pref("extensions.helperbar.type", "hp1000");
Line Deleted : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=aeca5b68-2695-618a-1dec-95579543dcb2&searchtype=ds&fr=linkury-tb&installDate=23/08/2013&type=hp1000&p="[...]
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v

[ File : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [12654 octets] - [31/08/2013 13:03:09]
AdwCleaner[S0].txt - [9195 octets] - [31/08/2013 13:03:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9255 octets] ##########
         
Adw Logfile

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Professional x64
Ran by Pc on 31.08.2013 at 13:13:43,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricspal
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\uniblue



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\saveshare"



~~~ FireFox

Emptied folder: C:\Users\Pc\AppData\Roaming\mozilla\firefox\profiles\jsvdjfs6.default-1377179460559\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.08.2013 at 13:21:43,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 01
Ran by Pc (administrator) on PC-PC on 31-08-2013 13:31:22
Running from G:\
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Steam] - E:\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6185240 2013-06-19] (Piriform Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] - E:\Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD5000AACS-00ZUB0_WD-WCASU602520225202&ts=1377179147
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD5000AACS-00ZUB0_WD-WCASU602520225202&ts=1377179147
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Office\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Office\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\jsvdjfs6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR Extension: (savenshaarrea ) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpiecnejkncpcoccmhdhkkggpdkefpme\1
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-06] (BitRaider, LLC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 Microsoft Office Groove Audit Service; E:\Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-17] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-17] ()
R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [x]
S3 BSMI; \??\C:\Program Files (x86)\Tseries BIOS Update\BSMIx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-31 13:13 - 2013-08-31 13:13 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 13:07 - 2013-08-31 13:31 - 00013308 _____ C:\Windows\WindowsUpdate.log
2013-08-31 13:03 - 2013-08-31 13:03 - 00000000 ____D C:\AdwCleaner
2013-08-31 12:02 - 2013-08-31 12:02 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-31 12:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-30 22:12 - 2013-08-30 22:12 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-30 22:09 - 2013-08-30 22:09 - 00002222 _____ C:\Users\Public\Desktop\AION Free-To-Play.lnk
2013-08-30 22:09 - 2013-08-30 22:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2013-08-30 22:00 - 2013-08-30 22:06 - 145138568 _____ (Gameforge) C:\Users\Pc\Downloads\setup_20120224.exe
2013-08-30 21:53 - 2013-08-30 21:53 - 02432824 _____ (NCSOFT Corporation) C:\Users\Pc\Downloads\nclauncher_3_20130812.exe
2013-08-30 21:50 - 2013-08-30 21:51 - 19328880 _____ (Gameforge                                                   ) C:\Users\Pc\Downloads\AION_GameforgeLiveSetup.exe
2013-08-29 19:13 - 2013-08-29 19:13 - 00000000 ____D C:\FRST
2013-08-29 17:18 - 2013-08-29 17:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-25 17:07 - 2013-08-26 12:13 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 11:29 - 2013-08-25 15:39 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 08:35 - 2013-08-30 22:08 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-25 08:35 - 2013-08-25 09:03 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 08:35 - 2013-08-25 08:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-25 08:34 - 2013-08-25 09:04 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-24 13:37 - 2013-08-24 13:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 13:36 - 2013-08-24 13:36 - 00000000 ____D C:\Users\Pc\Desktop\Video
2013-08-24 06:56 - 2013-08-24 06:56 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-23 19:34 - 2013-08-25 09:11 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-23 19:27 - 2013-08-23 19:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-22 16:45 - 2013-08-22 16:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 16:45 - 2013-08-22 16:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 15:51 - 2013-08-22 15:51 - 00000000 ____D C:\Users\Pc\Desktop\Alte Firefox-Daten
2013-08-22 15:45 - 2013-08-22 15:45 - 00000000 ____D C:\User Data
2013-08-18 21:33 - 2013-08-18 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 21:24 - 2013-08-18 21:33 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 21:24 - 2013-08-18 21:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 21:23 - 2013-08-18 21:33 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 20:45 - 2013-08-18 20:57 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 20:31 - 2013-08-18 20:41 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-17 16:30 - 2013-08-17 22:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 16:25 - 2013-08-17 16:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 16:22 - 2013-08-18 22:15 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-17 16:06 - 2013-08-17 16:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 08:55 - 2013-08-17 13:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 11:11 - 2013-08-15 11:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 11:06 - 2013-08-15 11:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-14 15:33 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 15:33 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 15:33 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 15:33 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 15:33 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 15:33 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 15:33 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 15:33 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 15:33 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 15:33 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 15:33 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 15:33 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-14 13:44 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 13:44 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 13:44 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 13:44 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 13:44 - 2013-07-09 16:51 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 13:44 - 2013-07-09 16:51 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 01472000 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 13:44 - 2013-07-09 16:02 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 13:44 - 2013-07-09 16:01 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 01167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 13:44 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 13:44 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 13:44 - 2013-07-08 07:22 - 05554624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 13:44 - 2013-07-08 07:20 - 01737688 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-14 13:44 - 2013-07-08 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-14 13:44 - 2013-07-08 07:14 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-14 13:44 - 2013-07-08 07:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-14 13:44 - 2013-07-08 07:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:08 - 03973056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 13:44 - 2013-07-08 07:08 - 03918272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 13:44 - 2013-07-08 07:06 - 01296312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:31 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2013-08-14 13:44 - 2013-07-08 05:31 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2013-08-14 13:44 - 2013-07-08 05:31 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2013-08-14 13:44 - 2013-07-08 05:12 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 13:44 - 2013-07-08 05:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 13:44 - 2013-07-08 05:02 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 04:50 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-08-14 13:44 - 2013-07-06 07:20 - 01900992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 13:44 - 2013-07-06 07:20 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-08-14 13:44 - 2013-07-06 07:20 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-08-14 13:44 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-10 17:17 - 2013-08-10 17:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 10:05 - 2013-08-10 10:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-10 10:04 - 2013-08-30 21:43 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-09 17:25 - 2013-08-09 17:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-07 19:23 - 2013-08-07 19:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-07 19:23 - 2013-07-09 02:47 - 00575029 _____ C:\Users\Pc\Desktop\left4uncut.exe
2013-08-06 22:06 - 2013-08-10 10:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-06 22:06 - 2013-08-06 22:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 22:05 - 2013-08-06 22:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 21:56 - 2013-08-06 21:57 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 21:56 - 2013-08-06 21:56 - 00000000 ____D C:\Users\hedev
2013-08-06 19:42 - 2013-08-06 22:20 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 19:42 - 2013-08-06 19:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 19:42 - 2013-08-06 19:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-06 19:39 - 2013-08-16 08:59 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-04 20:26 - 2013-08-04 20:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-02 12:21 - 2013-08-02 12:21 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gamigo

==================== One Month Modified Files and Folders =======

2013-08-31 13:22 - 2013-07-30 07:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 13:21 - 2013-08-31 13:21 - 00001250 _____ C:\Users\Pc\Desktop\JRT.txt
2013-08-31 13:13 - 2013-08-31 13:13 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 13:12 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-31 13:12 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-31 13:06 - 2013-07-17 16:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-31 13:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-31 13:03 - 2013-08-31 13:03 - 00000000 ____D C:\AdwCleaner
2013-08-31 13:03 - 2013-07-17 01:34 - 00000998 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 13:00 - 2013-07-29 20:50 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Skype
2013-08-31 12:05 - 2011-04-12 09:43 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-08-31 12:05 - 2011-04-12 09:43 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-08-31 12:05 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 12:02 - 2013-08-31 12:02 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-31 08:09 - 2013-07-30 15:23 - 00000000 ____D C:\Users\Pc\Documents\Euro Truck Simulator 2
2013-08-30 22:12 - 2013-08-30 22:12 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-30 22:09 - 2013-08-30 22:09 - 00002222 _____ C:\Users\Public\Desktop\AION Free-To-Play.lnk
2013-08-30 22:09 - 2013-08-30 22:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2013-08-30 22:08 - 2013-08-25 08:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-30 22:08 - 2013-07-17 02:23 - 00000000 ____D C:\Windows\Panther
2013-08-30 22:06 - 2013-08-30 22:00 - 145138568 _____ (Gameforge) C:\Users\Pc\Downloads\setup_20120224.exe
2013-08-30 21:53 - 2013-08-30 21:53 - 02432824 _____ (NCSOFT Corporation) C:\Users\Pc\Downloads\nclauncher_3_20130812.exe
2013-08-30 21:51 - 2013-08-30 21:50 - 19328880 _____ (Gameforge                                                   ) C:\Users\Pc\Downloads\AION_GameforgeLiveSetup.exe
2013-08-30 21:43 - 2013-08-10 10:04 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-29 19:13 - 2013-08-29 19:13 - 00000000 ____D C:\FRST
2013-08-29 17:18 - 2013-08-29 17:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-29 17:18 - 2013-07-17 16:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-26 12:13 - 2013-08-25 17:07 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 15:39 - 2013-08-25 11:29 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 09:11 - 2013-08-23 19:34 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-25 09:04 - 2013-08-25 08:34 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-25 09:03 - 2013-08-25 08:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 08:35 - 2013-08-25 08:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-24 13:37 - 2013-08-24 13:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 13:36 - 2013-08-24 13:36 - 00000000 ____D C:\Users\Pc\Desktop\Video
2013-08-24 06:56 - 2013-08-24 06:56 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-23 19:27 - 2013-08-23 19:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-22 21:33 - 2011-02-19 23:03 - 00421032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-08-22 21:33 - 2011-02-19 00:40 - 00773800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-22 16:45 - 2013-08-22 16:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 16:45 - 2013-08-22 16:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 15:51 - 2013-08-22 15:51 - 00000000 ____D C:\Users\Pc\Desktop\Alte Firefox-Daten
2013-08-22 15:45 - 2013-08-22 15:45 - 00000000 ____D C:\User Data
2013-08-18 22:15 - 2013-08-17 16:22 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-18 21:33 - 2013-08-18 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 21:33 - 2013-08-18 21:24 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 21:33 - 2013-08-18 21:23 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 21:24 - 2013-08-18 21:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 20:57 - 2013-08-18 20:45 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 20:41 - 2013-08-18 20:31 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-18 09:13 - 2013-07-22 07:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 22:42 - 2013-08-17 16:30 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 16:37 - 2013-07-18 22:42 - 00000000 ____D C:\Users\Pc\Documents\My Games
2013-08-17 16:25 - 2013-08-17 16:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 16:06 - 2013-08-17 16:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 13:52 - 2013-08-17 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 08:59 - 2013-08-06 19:39 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-16 08:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-15 11:11 - 2013-08-15 11:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 11:06 - 2013-08-15 11:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-14 15:27 - 2013-07-18 23:16 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 15:25 - 2013-07-17 02:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-10 17:17 - 2013-08-10 17:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 17:17 - 2013-07-17 01:33 - 00000000 ____D C:\Users\Pc
2013-08-10 10:06 - 2013-08-06 22:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-10 10:05 - 2013-08-10 10:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-09 17:25 - 2013-08-09 17:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-07 19:23 - 2013-08-07 19:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-06 22:44 - 2013-07-17 16:26 - 00000000 ____D C:\Program Files\CCleaner
2013-08-06 22:20 - 2013-08-06 19:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 22:06 - 2013-08-06 22:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 22:05 - 2013-08-06 22:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 21:57 - 2013-08-06 21:56 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 21:56 - 2013-08-06 21:56 - 00000000 ____D C:\Users\hedev
2013-08-06 19:42 - 2013-08-06 19:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 19:42 - 2013-08-06 19:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-04 20:26 - 2013-08-04 20:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-02 12:21 - 2013-08-02 12:21 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gamigo

Files to move or delete:
====================
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\Setup.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\VisualCRT\vc2008redist_x86.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DSETUP.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\dsetup32.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DXSETUP.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\data\Star Wars - The Old Republic Uninstaller.exe
C:\Users\Pc\AppData\Local\Temp\Quarantine.exe
C:\Users\Pc\AppData\Local\Temp\{2BD717D7-ED1B-47A7-833B-676E0025335C}\InstallshieldWebClient.dll
C:\Users\Pc\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-05-09 17:14] - [2012-05-09 17:14] - 0391168 ____A (Microsoft Corporation) EC5BD25A41E9B633CB39120DBB0939DC

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-05-09 17:53] - [2012-05-09 17:53] - 2872320 ____A (Microsoft Corporation) A27FB0CA2971BEC02595902A9FD35D6D

C:\Windows\SysWOW64\explorer.exe
[2012-05-09 17:53] - [2012-05-09 17:53] - 2616320 ____A (Microsoft Corporation) 82B49E32080BF5C469BF877C473B15EB

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2012-05-09 17:23] - [2012-05-09 17:23] - 1008128 ____A (Microsoft Corporation) 7FB4D54B502C6CF2E35B8188FA4CC08C

C:\Windows\SysWOW64\User32.dll
[2012-05-09 17:23] - [2012-05-09 17:23] - 0833024 ____A (Microsoft Corporation) 9B836EE76E3A99052EF6DEA52B41D1BE

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-05-09 17:24] - [2012-05-09 17:24] - 0296816 ____A (Microsoft Corporation) ABFECA99D72CE81E5C3612861F03B0CA



LastRegBack: 2013-08-24 07:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2013 01
Ran by Pc at 2013-08-31 13:31:46
Running from G:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
AION Free-To-Play (x32 Version: 2.70.0000)
Aliens: Colonial Marines (x32)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
BitRaider Web Client (x32 Version: 1.1.8.1)
Bulletstorm (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)
CCC Help Czech (x32 Version: 2013.0328.2217.38225)
CCC Help Danish (x32 Version: 2013.0328.2217.38225)
CCC Help Dutch (x32 Version: 2013.0328.2217.38225)
CCC Help English (x32 Version: 2013.0328.2217.38225)
CCC Help Finnish (x32 Version: 2013.0328.2217.38225)
CCC Help French (x32 Version: 2013.0328.2217.38225)
CCC Help German (x32 Version: 2013.0328.2217.38225)
CCC Help Greek (x32 Version: 2013.0328.2217.38225)
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)
CCC Help Italian (x32 Version: 2013.0328.2217.38225)
CCC Help Japanese (x32 Version: 2013.0328.2217.38225)
CCC Help Korean (x32 Version: 2013.0328.2217.38225)
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)
CCC Help Polish (x32 Version: 2013.0328.2217.38225)
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)
CCC Help Russian (x32 Version: 2013.0328.2217.38225)
CCC Help Spanish (x32 Version: 2013.0328.2217.38225)
CCC Help Swedish (x32 Version: 2013.0328.2217.38225)
CCC Help Thai (x32 Version: 2013.0328.2217.38225)
CCC Help Turkish (x32 Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
Cheat Engine 6.3 (x32)
Duke Nukem Forever (x32)
DUNGEONS Game of the Year edition (x32 Version: 1.3.3.0)
eaner (Version: 4.03)
Euro Truck Simulator 2 (x32 Version: 1.1.1)
F.E.A.R. 3 (x32)
Google Update Helper (x32 Version: 1.3.23.0)
Landwirtschafts Simulator 2011 (x32 Version: 1.0)
Left 4 Dead 2 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
NC Launcher (GameForge) (x32)
NCLauncher (plaync) (x32)
NVIDIA PhysX (x32 Version: 9.10.0513)
Painkiller Hell & Damnation (x32)
Risen 2 - Dark Waters (x32)
Skype™ 6.6 (x32 Version: 6.6.106)
Star Wars: The Old Republic (x32 Version: 1.00)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (x32 Version: 3.0.11)
Unity Web Player (HKCU Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
VLC media player 2.0.7 (Version: 2.0.7)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WinZipper (x32 Version: 1.4.8)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00E021FB-3621-4DC9-952F-F75CFD0ADF7B} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe No File
Task: {0E968A56-B1D4-4EC0-86E4-5E7B6EC8D0BC} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {222077B0-2C6A-44D8-A859-BF10F6190996} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {600201FA-5B7E-43AF-810F-F681AB7951BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-30] (Adobe Systems Incorporated)
Task: {8AE29DC0-5EA0-4449-98E8-C8C62C4E34B1} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2336365200-1394181775-1535421028-1000
Task: {8F1CC0C5-6A28-4FE1-B0D7-1493CE17AE9C} - \Dealply No Task File
Task: {D020CE08-47E0-4609-ADE3-02672C0504F2} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {F5A5640D-8592-44A4-BE14-94F7C243E186} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-03-29 04:37 - 2013-03-29 04:37 - 00139696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2013-03-29 04:37 - 2013-03-29 04:37 - 01155264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2013-03-29 04:36 - 2013-03-29 04:36 - 08272136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2013-07-17 16:23 - 2013-05-09 10:58 - 00302224 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\snxhk64.dll
2013-04-26 06:36 - 2013-04-26 06:36 - 09797768 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
2010-03-18 14:27 - 2010-03-18 14:27 - 00827744 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100_CLR0400.dll
2013-08-17 23:37 - 2013-08-17 23:37 - 19358208 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\cb653b6b8da0966098d70da98cba1ef3\mscorlib.ni.dll
2013-04-26 06:36 - 2013-04-26 06:36 - 00068760 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
2012-10-09 10:26 - 2012-10-09 10:26 - 01511000 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
2013-08-17 23:37 - 2013-08-17 23:37 - 11892224 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System\38cbf4b6872aa8f5e31d3421acdfd80d\System.ni.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 02306560 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\f9a3db5c12a423c8452e4bc33f3bf2d8\System.Drawing.ni.dll
2013-08-22 20:30 - 2013-08-22 20:30 - 17355776 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\771380e1dd1d349f7b1de86f5a0ed713\System.Windows.Forms.ni.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00097792 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00031744 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00025088 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00048640 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 00995328 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\f93d5d3b7b96ded7d494fb2e4cd231db\System.Runtime.Remoting.ni.dll
2013-08-22 20:27 - 2013-08-22 20:27 - 10440192 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\48c9534b3cc8f11403f0542d7933e15f\System.Core.ni.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 15782912 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\a689e5d1260a0772dbffda9cbf1b3545\System.Web.ni.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00022528 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00015872 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00018432 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2013-08-22 20:27 - 2013-08-22 20:27 - 07062016 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\d71664672edd04f493a8cf12c3303019\System.Xml.ni.dll
2013-08-22 20:26 - 2013-08-22 20:26 - 01291264 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\cd54961311941c9b78206daf90177ea9\System.Configuration.ni.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00322400 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00038912 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00029696 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2012-11-07 07:08 - 2012-11-07 07:08 - 00188928 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00035328 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00006144 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00048128 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00006656 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00045056 _____ (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00016384 _____ (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2013-03-29 03:35 - 2013-03-29 03:35 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGY.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00007168 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00015360 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.A4.Runtime.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00010752 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.A4.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00009216 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00217088 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00011776 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\A4.Foundation.dll
2013-08-22 20:30 - 2013-08-22 20:30 - 00281088 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\3db4bc1be7f86051097ec8bdd700a67f\System.ServiceProcess.ni.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00335872 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00006144 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00008704 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00006656 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2013-08-22 20:28 - 2013-08-22 20:28 - 05237760 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\3b2b52955e90267a01173047fc345b4e\WindowsBase.ni.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00026112 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00009216 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00057344 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00057856 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00069632 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00004608 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00006656 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00110592 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00081920 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00004608 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00094208 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00013312 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00014336 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00008192 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00010752 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00013824 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00011776 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00009216 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00015872 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00013312 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00019456 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00012288 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00009216 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00067072 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00438648 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00007680 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00385024 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00037376 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00008192 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00036864 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2013-08-22 20:28 - 2013-08-22 20:28 - 15909376 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\f667ef84c6cbf994068667e5ad0e0115\PresentationCore.ni.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 24411648 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\d7c8d42f4a18a45fe53870db95360cc4\PresentationFramework.ni.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 01443328 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2013-08-22 20:27 - 2013-08-22 20:27 - 02475520 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\97b58d8732145eb6a771324da836f0f0\System.Xaml.ni.dll
2013-07-23 13:35 - 2013-07-23 13:35 - 02154656 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
2010-03-18 14:27 - 2010-03-18 14:27 - 01098096 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00413696 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00175616 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2012-05-04 16:42 - 2012-05-04 16:42 - 00098304 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00035840 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Shared.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00545792 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00342528 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00008704 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.A4.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00176128 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 01097728 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00028672 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00057344 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 01416192 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00627712 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00369664 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00393216 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 02498560 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00217088 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00021504 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00101888 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00008704 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00008192 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00008704 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2013-03-28 22:13 - 2013-03-28 22:13 - 00384512 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.de_Localization.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00311296 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2013-03-29 04:37 - 2013-03-29 04:37 - 00112440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2013-03-29 04:36 - 2013-03-29 04:36 - 06985624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2013-03-29 04:36 - 2013-03-29 04:36 - 05000320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2013-08-22 20:29 - 2013-08-22 20:29 - 00622592 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\5516952f66f039d116ca43e31ad8e423\PresentationFramework.Aero.ni.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00267648 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\PresentationFramework.resources\v4.0_4.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00230240 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.resources.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 00061952 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2013-03-28 22:16 - 2013-03-28 22:16 - 01351680 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2013-03-28 22:12 - 2013-03-28 22:12 - 00490496 _____ (Microsoft) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Microsoft.WindowsAPICodePack.Shell.dll
2013-03-28 22:12 - 2013-03-28 22:12 - 00083456 _____ (Microsoft) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Microsoft.WindowsAPICodePack.dll
2013-07-17 03:20 - 2013-07-17 03:20 - 00110960 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\PresentationCore.resources\v4.0_4.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
2013-08-22 20:34 - 2013-08-22 20:34 - 00337408 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\2e49157228533dff5a0e96fdd8f29317\WindowsFormsIntegration.ni.dll
2013-08-22 20:30 - 2013-08-22 20:30 - 00122368 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\5e25c6e63fe9de2f9f8056c9275a363e\UIAutomationProvider.ni.dll
2013-03-28 22:15 - 2013-03-28 22:15 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
2013-07-17 16:23 - 2013-05-09 10:58 - 00133840 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashShA64.dll
2009-07-14 01:36 - 2009-07-14 03:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\sdautoplay.dll
2012-05-09 16:17 - 2012-05-09 16:17 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\SPP.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\VSSAPI.DLL
2009-07-14 01:36 - 2009-07-14 03:41 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\VssTrace.DLL
2010-11-21 05:25 - 2010-11-21 05:25 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2012-05-09 16:50 - 2012-05-09 16:50 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720


==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 30%
Total physical RAM: 4095.24 MB
Available physical RAM: 2831.63 MB
Total Pagefile: 8188.67 MB
Available Pagefile: 6620.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:44.58 GB) (Free:2 GB) NTFS
Drive d: (Speicher) (Fixed) (Total:298.34 GB) (Free:280.66 GB) NTFS
Drive e: (Spiele) (Fixed) (Total:122.74 GB) (Free:53.75 GB) NTFS
Drive g: (INTENSO) (Removable) (Total:3.61 GB) (Free:2.71 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E7C775AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=45 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=123 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=06)

==================== End Of Log ============================
         

Alt 31.08.2013, 14:25   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.08.2013, 17:25   #9
Aneliera
 
Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=40f96fe03c98a74b865f1f79014cdf80
# engine=14965
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-31 03:35:26
# local_time=2013-08-31 05:35:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 3892274 154673198 0 0
# compatibility_mode=5893 16776573 100 94 15446 129593176 0 0
# scanned=214818
# found=3
# cleaned=0
# scan_time=3015
sh=9474B17763E295CABFA6EE26867FCB38DCCD898A ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnbeicpllklbeeehbdebfkdndlgace\1\520b81d7412629.54805833.js.vir"
sh=634974BE2F6C8BEC5330DEFE405949C7D11E340D ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\paigdpbplbcipjjimkahdflpecckmhip\1\520b83c1261943.23681405.js.vir"
sh=3355BBEAB8839248B30E8E835156157F35BCF918 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpiecnejkncpcoccmhdhkkggpdkefpme\1\520b8347906484.29885416.js"
         
Code:
ATTFilter
 unsupported operating system! Aborted!
         

Alt 31.08.2013, 20:44   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



Chrome deinstallieren, keine Daten behalten, neu installieren.

Frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.09.2013, 15:16   #11
Aneliera
 
Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 01
Ran by SYSTEM on MININT-93T6N9S on 01-09-2013 16:12:10
Running from H:\
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] - "E:\Office\Office12\GrooveMonitor.exe" [x]
HKU\Pc\...\Run: [Steam] - "E:\Steam\Steam.exe" -silent [x]
HKU\Pc\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKU\Pc\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6185240 2013-06-19] (Piriform Ltd)

==================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-06] (BitRaider, LLC)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 Microsoft Office Groove Audit Service; E:\Office\Office12\GrooveAuditService.exe [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-17] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-17] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-17] ()
S1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
S1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [x]
S3 BSMI; \??\C:\Program Files (x86)\Tseries BIOS Update\BSMIx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-01 12:21 - 2013-09-01 12:21 - 00000000 _____ C:\Windows\setuperr.log
2013-09-01 11:34 - 2013-09-01 14:53 - 00019067 _____ C:\Windows\WindowsUpdate.log
2013-08-31 12:21 - 2013-08-31 12:21 - 00001250 _____ C:\Users\Pc\Desktop\JRT.txt
2013-08-31 12:13 - 2013-08-31 12:13 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 12:03 - 2013-08-31 12:03 - 00000000 ____D C:\AdwCleaner
2013-08-31 11:02 - 2013-08-31 11:02 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-31 11:02 - 2013-08-31 11:02 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Malwarebytes
2013-08-31 11:02 - 2013-08-31 11:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 11:02 - 2013-08-31 11:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-31 11:02 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-08-30 21:12 - 2013-08-30 21:12 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-30 21:09 - 2013-08-30 21:09 - 00002222 _____ C:\Users\Public\Desktop\AION Free-To-Play.lnk
2013-08-30 21:09 - 2013-08-30 21:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2013-08-30 21:00 - 2013-08-30 21:06 - 145138568 _____ (Gameforge) C:\Users\Pc\Downloads\setup_20120224.exe
2013-08-30 20:53 - 2013-08-30 20:53 - 02432824 _____ (NCSOFT Corporation) C:\Users\Pc\Downloads\nclauncher_3_20130812.exe
2013-08-30 20:50 - 2013-08-30 20:51 - 19328880 _____ (Gameforge                                                   ) C:\Users\Pc\Downloads\AION_GameforgeLiveSetup.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00000000 ____D C:\FRST
2013-08-29 16:18 - 2013-08-29 16:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-25 16:07 - 2013-08-26 11:13 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 10:29 - 2013-08-25 14:39 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 07:35 - 2013-08-30 21:08 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-25 07:35 - 2013-08-25 08:03 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 07:35 - 2013-08-25 07:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-25 07:34 - 2013-08-25 08:04 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-24 12:37 - 2013-08-24 12:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 05:56 - 2013-08-24 05:56 - 00000000 ____D C:\Windows\System32\appmgmt
2013-08-23 18:34 - 2013-08-25 08:11 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-23 18:27 - 2013-08-23 18:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 18:27 - 2013-08-23 18:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 18:27 - 2013-08-23 18:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-22 15:45 - 2013-08-22 15:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 15:45 - 2013-08-22 15:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\User Data
2013-08-18 20:33 - 2013-08-18 20:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 20:24 - 2013-08-18 20:33 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 20:24 - 2013-08-18 20:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 20:23 - 2013-08-18 20:33 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 19:45 - 2013-08-18 19:57 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 19:31 - 2013-08-18 19:41 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-17 15:30 - 2013-08-17 21:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 15:25 - 2013-08-17 15:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 15:22 - 2013-08-18 21:15 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-17 15:06 - 2013-08-17 15:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 07:55 - 2013-08-17 12:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 10:11 - 2013-08-15 10:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 10:06 - 2013-08-15 10:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-14 14:33 - 2013-07-26 06:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-14 14:33 - 2013-07-26 06:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-14 14:33 - 2013-07-26 06:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-14 14:33 - 2013-07-26 06:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-14 14:33 - 2013-07-26 06:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-14 14:33 - 2013-07-26 04:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-14 14:33 - 2013-07-26 04:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 14:33 - 2013-07-26 04:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 14:33 - 2013-07-26 04:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 14:33 - 2013-07-26 04:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 14:33 - 2013-07-26 04:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 14:33 - 2013-07-26 03:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 14:33 - 2013-07-26 03:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-14 14:33 - 2013-07-26 02:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 14:11 - 2013-08-14 14:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-14 12:44 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-14 12:44 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 12:44 - 2013-07-19 02:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-14 12:44 - 2013-07-19 02:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 12:44 - 2013-07-09 15:51 - 01216000 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-14 12:44 - 2013-07-09 15:51 - 00189440 _____ (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2013-08-14 12:44 - 2013-07-09 15:47 - 01472000 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-14 12:44 - 2013-07-09 15:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-14 12:44 - 2013-07-09 15:47 - 00141824 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-14 12:44 - 2013-07-09 15:02 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 12:44 - 2013-07-09 15:01 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2013-08-14 12:44 - 2013-07-09 14:57 - 01167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 12:44 - 2013-07-09 14:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 12:44 - 2013-07-09 14:57 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 12:44 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-14 12:44 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 12:44 - 2013-07-08 06:22 - 05554624 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-14 12:44 - 2013-07-08 06:20 - 01737688 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-14 12:44 - 2013-07-08 06:18 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-08-14 12:44 - 2013-07-08 06:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-08-14 12:44 - 2013-07-08 06:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-08-14 12:44 - 2013-07-08 06:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-08-14 12:44 - 2013-07-08 06:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-08-14 12:44 - 2013-07-08 06:14 - 01162240 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-08-14 12:44 - 2013-07-08 06:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-08-14 12:44 - 2013-07-08 06:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00058368 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 06:08 - 03973056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 12:44 - 2013-07-08 06:08 - 03918272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 12:44 - 2013-07-08 06:06 - 01296312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 12:44 - 2013-07-08 06:05 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-14 12:44 - 2013-07-08 06:05 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-14 12:44 - 2013-07-08 06:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 05:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 04:31 - 00148480 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe
2013-08-14 12:44 - 2013-07-08 04:31 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2013-08-14 12:44 - 2013-07-08 04:31 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe
2013-08-14 12:44 - 2013-07-08 04:12 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-08-14 12:44 - 2013-07-08 04:07 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 12:44 - 2013-07-08 04:07 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 12:44 - 2013-07-08 04:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 12:44 - 2013-07-08 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 12:44 - 2013-07-08 04:02 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 04:02 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 04:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 04:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-14 12:44 - 2013-07-08 03:50 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-08-14 12:44 - 2013-07-06 06:20 - 01900992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-14 12:44 - 2013-07-06 06:20 - 00376768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-08-14 12:44 - 2013-07-06 06:20 - 00288192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-08-14 12:44 - 2013-06-15 05:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-10 16:17 - 2013-08-10 16:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 09:05 - 2013-08-10 09:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-10 09:04 - 2013-08-30 20:43 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-09 16:25 - 2013-08-09 16:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-07 18:23 - 2013-08-07 18:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-07 18:23 - 2013-07-09 01:47 - 00575029 _____ C:\Users\Pc\Desktop\left4uncut.exe
2013-08-06 21:06 - 2013-08-10 09:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-06 21:06 - 2013-08-06 21:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 21:05 - 2013-08-06 21:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 20:56 - 2013-08-06 20:57 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 20:56 - 2013-08-06 20:56 - 00000000 ____D C:\users\hedev
2013-08-06 18:42 - 2013-08-06 21:20 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 18:42 - 2013-08-06 18:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 18:42 - 2013-08-06 18:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-06 18:39 - 2013-08-16 07:59 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-04 19:26 - 2013-08-04 19:26 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== One Month Modified Files and Folders =======

2013-09-01 14:53 - 2013-09-01 11:34 - 00019067 _____ C:\Windows\WindowsUpdate.log
2013-09-01 14:50 - 2013-09-01 12:21 - 00000112 _____ C:\Windows\setupact.log
2013-09-01 14:49 - 2013-07-29 19:50 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Skype
2013-09-01 14:22 - 2013-07-30 06:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 12:21 - 2013-09-01 12:21 - 00000000 _____ C:\Windows\setuperr.log
2013-09-01 11:39 - 2009-07-14 05:45 - 00021088 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-01 11:39 - 2009-07-14 05:45 - 00021088 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 11:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-31 18:45 - 2013-07-30 14:23 - 00000000 ____D C:\Users\Pc\Documents\Euro Truck Simulator 2
2013-08-31 18:17 - 2013-07-30 06:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-08-31 18:17 - 2013-07-30 06:43 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-08-31 18:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-08-31 17:19 - 2013-07-17 00:33 - 00000000 ____D C:\users\Pc
2013-08-31 12:21 - 2013-08-31 12:21 - 00001250 _____ C:\Users\Pc\Desktop\JRT.txt
2013-08-31 12:13 - 2013-08-31 12:13 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 12:06 - 2013-07-17 15:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-31 12:03 - 2013-08-31 12:03 - 00000000 ____D C:\AdwCleaner
2013-08-31 11:05 - 2011-04-12 08:43 - 00696832 _____ C:\Windows\System32\perfh007.dat
2013-08-31 11:05 - 2011-04-12 08:43 - 00148128 _____ C:\Windows\System32\perfc007.dat
2013-08-31 11:05 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-31 11:02 - 2013-08-31 11:02 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-31 11:02 - 2013-08-31 11:02 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Malwarebytes
2013-08-31 11:02 - 2013-08-31 11:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 11:02 - 2013-08-31 11:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 21:12 - 2013-08-30 21:12 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-30 21:09 - 2013-08-30 21:09 - 00002222 _____ C:\Users\Public\Desktop\AION Free-To-Play.lnk
2013-08-30 21:09 - 2013-08-30 21:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2013-08-30 21:08 - 2013-08-25 07:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-30 21:08 - 2013-07-17 01:23 - 00000000 ____D C:\Windows\Panther
2013-08-30 21:06 - 2013-08-30 21:00 - 145138568 _____ (Gameforge) C:\Users\Pc\Downloads\setup_20120224.exe
2013-08-30 20:53 - 2013-08-30 20:53 - 02432824 _____ (NCSOFT Corporation) C:\Users\Pc\Downloads\nclauncher_3_20130812.exe
2013-08-30 20:51 - 2013-08-30 20:50 - 19328880 _____ (Gameforge                                                   ) C:\Users\Pc\Downloads\AION_GameforgeLiveSetup.exe
2013-08-30 20:43 - 2013-08-10 09:04 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-29 18:13 - 2013-08-29 18:13 - 00000000 ____D C:\FRST
2013-08-29 16:18 - 2013-08-29 16:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-29 16:18 - 2013-07-17 15:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-26 11:13 - 2013-08-25 16:07 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 14:39 - 2013-08-25 10:29 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 08:11 - 2013-08-23 18:34 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-25 08:04 - 2013-08-25 07:34 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-25 08:03 - 2013-08-25 07:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 07:35 - 2013-08-25 07:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-24 12:37 - 2013-08-24 12:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 05:56 - 2013-08-24 05:56 - 00000000 ____D C:\Windows\System32\appmgmt
2013-08-23 18:27 - 2013-08-23 18:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 18:27 - 2013-08-23 18:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 18:27 - 2013-08-23 18:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-22 20:33 - 2011-02-19 22:03 - 00421032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-08-22 20:33 - 2011-02-18 23:40 - 00773800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-22 15:45 - 2013-08-22 15:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 15:45 - 2013-08-22 15:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 14:45 - 2013-08-22 14:45 - 00000000 ____D C:\User Data
2013-08-18 21:15 - 2013-08-17 15:22 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-18 20:33 - 2013-08-18 20:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 20:33 - 2013-08-18 20:24 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 20:33 - 2013-08-18 20:23 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 20:24 - 2013-08-18 20:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 19:57 - 2013-08-18 19:45 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 19:41 - 2013-08-18 19:31 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-18 08:13 - 2013-07-22 06:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 21:42 - 2013-08-17 15:30 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 15:37 - 2013-07-18 21:42 - 00000000 ____D C:\Users\Pc\Documents\My Games
2013-08-17 15:25 - 2013-08-17 15:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 15:06 - 2013-08-17 15:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 12:52 - 2013-08-17 07:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 07:59 - 2013-08-06 18:39 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-16 07:59 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-15 10:11 - 2013-08-15 10:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 10:06 - 2013-08-15 10:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-14 14:27 - 2013-07-18 22:16 - 00000000 ____D C:\Windows\System32\MRT
2013-08-14 14:25 - 2013-07-17 01:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-08-14 14:11 - 2013-08-14 14:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-10 16:17 - 2013-08-10 16:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 09:06 - 2013-08-06 21:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-10 09:05 - 2013-08-10 09:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-09 16:25 - 2013-08-09 16:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-07 18:23 - 2013-08-07 18:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-06 21:44 - 2013-07-17 15:26 - 00000000 ____D C:\Program Files\CCleaner
2013-08-06 21:20 - 2013-08-06 18:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 21:06 - 2013-08-06 21:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 21:05 - 2013-08-06 21:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 20:57 - 2013-08-06 20:56 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 20:56 - 2013-08-06 20:56 - 00000000 ____D C:\users\hedev
2013-08-06 18:42 - 2013-08-06 18:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 18:42 - 2013-08-06 18:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-04 19:26 - 2013-08-04 19:26 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

Files to move or delete:
====================
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\Setup.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\VisualCRT\vc2008redist_x86.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DSETUP.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\dsetup32.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DXSETUP.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\data\Star Wars - The Old Republic Uninstaller.exe
C:\Users\Pc\AppData\Local\Temp\Quarantine.exe
C:\Users\Pc\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Users\Pc\AppData\Local\Temp\UnityWebPlayer\UnityWebPlayerUpdate.exe
C:\Users\Pc\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-05-09 16:14] - [2012-05-09 16:14] - 0391168 ____A (Microsoft Corporation) EC5BD25A41E9B633CB39120DBB0939DC

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-05-09 16:53] - [2012-05-09 16:53] - 2872320 ____A (Microsoft Corporation) A27FB0CA2971BEC02595902A9FD35D6D

C:\Windows\SysWOW64\explorer.exe
[2012-05-09 16:53] - [2012-05-09 16:53] - 2616320 ____A (Microsoft Corporation) 82B49E32080BF5C469BF877C473B15EB

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2012-05-09 16:23] - [2012-05-09 16:23] - 1008128 ____A (Microsoft Corporation) 7FB4D54B502C6CF2E35B8188FA4CC08C

C:\Windows\SysWOW64\User32.dll
[2012-05-09 16:23] - [2012-05-09 16:23] - 0833024 ____A (Microsoft Corporation) 9B836EE76E3A99052EF6DEA52B41D1BE

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-05-09 16:24] - [2012-05-09 16:24] - 0296816 ____A (Microsoft Corporation) ABFECA99D72CE81E5C3612861F03B0CA


==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-08-31 19:10:14

==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 4095.24 MB
Available physical RAM: 3478.21 MB
Total Pagefile: 4093.44 MB
Available Pagefile: 3465.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:44.58 GB) (Free:9.17 GB) NTFS
Drive e: (Speicher) (Fixed) (Total:298.34 GB) (Free:254.8 GB) NTFS
Drive f: (Spiele) (Fixed) (Total:122.74 GB) (Free:53.75 GB) NTFS
Drive h: (INTENSO) (Removable) (Total:3.61 GB) (Free:3.59 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E7C775AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=45 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=123 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=06)


LastRegBack: 2013-08-31 23:59

==================== End Of Log ============================
         
--- --- ---

--- --- ---


im moment alles problemlos :-)

Alt 01.09.2013, 17:27   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



ich hätte gern ein FRST Log vom Desktop
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.09.2013, 17:45   #13
Aneliera
 
Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



wie geht der? und warum eigentlich? Ich frag mich die ganze zeit was du in diesen dateien erkennst?

Alt 01.09.2013, 19:45   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



Na wir bereinigen den Rechner, was sonst?

Der Rechner startet doch wieder normal, also warum scannst Du aus der Recovery?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.09.2013, 18:49   #15
Aneliera
 
Weißer Bildschirm  - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - Standard

Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 01
Ran by Pc (administrator) on PC-PC on 02-09-2013 19:43:51
Running from C:\Users\Pc\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Valve Corporation) E:\Steam\Steam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Steam] - E:\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6185240 2013-06-19] (Piriform Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] - E:\Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD5000AACS-00ZUB0_WD-WCASU602520225202&ts=1377179147
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD5000AACS-00ZUB0_WD-WCASU602520225202&ts=1377179147
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Office\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Office\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\jsvdjfs6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR Extension: (savenshaarrea ) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpiecnejkncpcoccmhdhkkggpdkefpme\1
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-06] (BitRaider, LLC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 Microsoft Office Groove Audit Service; E:\Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-17] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-17] ()
R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [x]
S3 BSMI; \??\C:\Program Files (x86)\Tseries BIOS Update\BSMIx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-02 19:36 - 2013-09-02 19:36 - 00014585 _____ C:\Windows\WindowsUpdate.log
2013-08-31 13:21 - 2013-08-31 13:21 - 00001250 _____ C:\Users\Pc\Desktop\JRT.txt
2013-08-31 13:13 - 2013-08-31 13:13 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 13:03 - 2013-08-31 13:03 - 00000000 ____D C:\AdwCleaner
2013-08-31 12:02 - 2013-08-31 12:02 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-31 12:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-30 22:12 - 2013-08-30 22:12 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-30 22:09 - 2013-08-30 22:09 - 00002222 _____ C:\Users\Public\Desktop\AION Free-To-Play.lnk
2013-08-30 22:09 - 2013-08-30 22:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2013-08-30 22:00 - 2013-08-30 22:06 - 145138568 _____ (Gameforge) C:\Users\Pc\Downloads\setup_20120224.exe
2013-08-30 21:53 - 2013-08-30 21:53 - 02432824 _____ (NCSOFT Corporation) C:\Users\Pc\Downloads\nclauncher_3_20130812.exe
2013-08-30 21:50 - 2013-08-30 21:51 - 19328880 _____ (Gameforge                                                   ) C:\Users\Pc\Downloads\AION_GameforgeLiveSetup.exe
2013-08-29 19:13 - 2013-08-29 19:13 - 00000000 ____D C:\FRST
2013-08-29 17:18 - 2013-08-29 17:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-25 17:07 - 2013-08-26 12:13 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 11:29 - 2013-08-25 15:39 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 08:35 - 2013-08-30 22:08 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-25 08:35 - 2013-08-25 09:03 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 08:35 - 2013-08-25 08:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-25 08:34 - 2013-08-25 09:04 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-24 13:37 - 2013-08-24 13:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 06:56 - 2013-08-24 06:56 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-23 19:34 - 2013-08-25 09:11 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-23 19:27 - 2013-08-23 19:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-22 16:45 - 2013-08-22 16:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 16:45 - 2013-08-22 16:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 15:45 - 2013-08-22 15:45 - 00000000 ____D C:\User Data
2013-08-18 21:33 - 2013-08-18 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 21:24 - 2013-08-18 21:33 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 21:24 - 2013-08-18 21:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 21:23 - 2013-08-18 21:33 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 20:45 - 2013-08-18 20:57 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 20:31 - 2013-08-18 20:41 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-17 16:30 - 2013-08-17 22:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 16:25 - 2013-08-17 16:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 16:22 - 2013-08-18 22:15 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-17 16:06 - 2013-08-17 16:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 08:55 - 2013-08-17 13:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 11:11 - 2013-08-15 11:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 11:06 - 2013-08-15 11:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-14 15:33 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 15:33 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 15:33 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 15:33 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 15:33 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 15:33 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 15:33 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 15:33 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 15:33 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 15:33 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 15:33 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 15:33 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 15:33 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 15:33 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-14 13:44 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 13:44 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 13:44 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 13:44 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 13:44 - 2013-07-09 16:51 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 13:44 - 2013-07-09 16:51 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 01472000 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 13:44 - 2013-07-09 16:47 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 13:44 - 2013-07-09 16:02 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 13:44 - 2013-07-09 16:01 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 01167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 13:44 - 2013-07-09 15:57 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 13:44 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 13:44 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 13:44 - 2013-07-08 07:22 - 05554624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 13:44 - 2013-07-08 07:20 - 01737688 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-08-14 13:44 - 2013-07-08 07:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-14 13:44 - 2013-07-08 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-14 13:44 - 2013-07-08 07:14 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-14 13:44 - 2013-07-08 07:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-14 13:44 - 2013-07-08 07:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 07:08 - 03973056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 13:44 - 2013-07-08 07:08 - 03918272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 13:44 - 2013-07-08 07:06 - 01296312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-14 13:44 - 2013-07-08 07:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:31 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2013-08-14 13:44 - 2013-07-08 05:31 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2013-08-14 13:44 - 2013-07-08 05:31 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2013-08-14 13:44 - 2013-07-08 05:12 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 13:44 - 2013-07-08 05:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 13:44 - 2013-07-08 05:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 13:44 - 2013-07-08 05:02 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 05:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-14 13:44 - 2013-07-08 04:50 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-08-14 13:44 - 2013-07-06 07:20 - 01900992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 13:44 - 2013-07-06 07:20 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-08-14 13:44 - 2013-07-06 07:20 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-08-14 13:44 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-10 17:17 - 2013-08-10 17:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 10:05 - 2013-08-10 10:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-10 10:04 - 2013-08-30 21:43 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-09 17:25 - 2013-08-09 17:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-07 19:23 - 2013-08-07 19:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-07 19:23 - 2013-07-09 02:47 - 00575029 _____ C:\Users\Pc\Desktop\left4uncut.exe
2013-08-06 22:06 - 2013-08-10 10:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-06 22:06 - 2013-08-06 22:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 22:05 - 2013-08-06 22:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 21:56 - 2013-08-06 21:57 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 21:56 - 2013-08-06 21:56 - 00000000 ____D C:\Users\hedev
2013-08-06 19:42 - 2013-08-06 22:20 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 19:42 - 2013-08-06 19:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 19:42 - 2013-08-06 19:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-06 19:39 - 2013-08-16 08:59 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-04 20:26 - 2013-08-04 20:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== One Month Modified Files and Folders =======

2013-09-02 19:41 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-02 19:41 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-02 19:37 - 2013-09-02 19:36 - 00014585 _____ C:\Windows\WindowsUpdate.log
2013-09-02 19:35 - 2013-07-29 20:50 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Skype
2013-09-02 19:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 21:22 - 2013-07-30 07:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 20:23 - 2013-07-17 16:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-31 19:45 - 2013-07-30 15:23 - 00000000 ____D C:\Users\Pc\Documents\Euro Truck Simulator 2
2013-08-31 19:17 - 2013-07-30 07:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-08-31 19:17 - 2013-07-30 07:43 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-08-31 19:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-31 18:19 - 2013-07-17 01:33 - 00000000 ____D C:\Users\Pc
2013-08-31 13:27 - 2013-09-02 19:43 - 01589542 _____ (Farbar) C:\Users\Pc\Desktop\FRST64.exe
2013-08-31 13:21 - 2013-08-31 13:21 - 00001250 _____ C:\Users\Pc\Desktop\JRT.txt
2013-08-31 13:13 - 2013-08-31 13:13 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 13:03 - 2013-08-31 13:03 - 00000000 ____D C:\AdwCleaner
2013-08-31 13:03 - 2013-07-17 01:34 - 00000998 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 12:05 - 2011-04-12 09:43 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-08-31 12:05 - 2011-04-12 09:43 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-08-31 12:05 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 12:02 - 2013-08-31 12:02 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 12:02 - 2013-08-31 12:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 22:12 - 2013-08-30 22:12 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-30 22:09 - 2013-08-30 22:09 - 00002222 _____ C:\Users\Public\Desktop\AION Free-To-Play.lnk
2013-08-30 22:09 - 2013-08-30 22:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2013-08-30 22:08 - 2013-08-25 08:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\IDM
2013-08-30 22:08 - 2013-07-17 02:23 - 00000000 ____D C:\Windows\Panther
2013-08-30 22:06 - 2013-08-30 22:00 - 145138568 _____ (Gameforge) C:\Users\Pc\Downloads\setup_20120224.exe
2013-08-30 21:53 - 2013-08-30 21:53 - 02432824 _____ (NCSOFT Corporation) C:\Users\Pc\Downloads\nclauncher_3_20130812.exe
2013-08-30 21:51 - 2013-08-30 21:50 - 19328880 _____ (Gameforge                                                   ) C:\Users\Pc\Downloads\AION_GameforgeLiveSetup.exe
2013-08-30 21:43 - 2013-08-10 10:04 - 00000000 ____D C:\Program Files (x86)\plaync
2013-08-29 19:13 - 2013-08-29 19:13 - 00000000 ____D C:\FRST
2013-08-29 17:18 - 2013-08-29 17:18 - 00001931 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-29 17:18 - 2013-07-17 16:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-26 12:13 - 2013-08-25 17:07 - 00000000 ____D C:\Users\Pc\AppData\Local\Unity
2013-08-25 15:39 - 2013-08-25 11:29 - 00000000 ____D C:\Users\Pc\AppData\Roaming\GetRightToGo
2013-08-25 09:11 - 2013-08-23 19:34 - 00000386 _____ C:\Users\Pc\Documents\eurotrucks2.CT
2013-08-25 09:04 - 2013-08-25 08:34 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-08-25 09:03 - 2013-08-25 08:35 - 00000000 ____D C:\Users\Pc\AppData\Roaming\DMCache
2013-08-25 08:35 - 2013-08-25 08:35 - 00000000 ____D C:\ProgramData\IDM
2013-08-24 13:37 - 2013-08-24 13:37 - 00000561 _____ C:\Users\Pc\Desktop\Pictures - Verknüpfung.lnk
2013-08-24 06:56 - 2013-08-24 06:56 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-23 19:27 - 2013-08-23 19:27 - 00001098 _____ C:\Users\Pc\Desktop\Cheat Engine.lnk
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Users\Pc\Documents\My Cheat Tables
2013-08-23 19:27 - 2013-08-23 19:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-22 21:33 - 2011-02-19 23:03 - 00421032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-08-22 21:33 - 2011-02-19 00:40 - 00773800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-22 16:45 - 2013-08-22 16:45 - 00000054 _____ C:\Users\Pc\AppData\Roaming\WB.CFG
2013-08-22 16:45 - 2013-08-22 16:45 - 00000005 _____ C:\Users\Pc\AppData\Roaming\WBPU-TTL.DAT
2013-08-22 15:45 - 2013-08-22 15:45 - 00000000 ____D C:\User Data
2013-08-18 22:15 - 2013-08-17 16:22 - 01589618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-18 21:33 - 2013-08-18 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\avgchrome
2013-08-18 21:33 - 2013-08-18 21:24 - 00000000 ____D C:\ProgramData\Freemake
2013-08-18 21:33 - 2013-08-18 21:23 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-18 21:24 - 2013-08-18 21:24 - 00000000 ____D C:\Users\Pc\Documents\Freemake
2013-08-18 20:57 - 2013-08-18 20:45 - 02724828 _____ C:\Users\Pc\Documents\08 16 Dollars.wma
2013-08-18 20:41 - 2013-08-18 20:31 - 04583358 _____ C:\Users\Pc\Documents\06 7 Shots.wma
2013-08-18 09:13 - 2013-07-22 07:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 22:42 - 2013-08-17 16:30 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Kalypso Media
2013-08-17 16:37 - 2013-07-18 22:42 - 00000000 ____D C:\Users\Pc\Documents\My Games
2013-08-17 16:25 - 2013-08-17 16:25 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2013-08-17 16:06 - 2013-08-17 16:06 - 00000760 _____ C:\Users\Pc\Desktop\Landwirtschafts Simulator 2011 .lnk
2013-08-17 13:52 - 2013-08-17 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 08:59 - 2013-08-06 19:39 - 00000169 _____ C:\Users\Pc\Desktop\Microcomandos.txt
2013-08-16 08:59 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-15 11:11 - 2013-08-15 11:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Risen2
2013-08-15 11:06 - 2013-08-15 11:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-14 15:27 - 2013-07-18 23:16 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 15:25 - 2013-07-17 02:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Pc\AppData\Local\Google
2013-08-10 17:17 - 2013-08-10 17:17 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-10 10:06 - 2013-08-06 22:06 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-10 10:05 - 2013-08-10 10:05 - 00000641 _____ C:\Users\Pc\Documents\Uninstall STAR WARS The Old Republic.log
2013-08-09 17:25 - 2013-08-09 17:25 - 00000000 ____D C:\Users\Pc\AppData\Local\Chromium
2013-08-07 19:23 - 2013-08-07 19:23 - 00000025 _____ C:\Users\Pc\Desktop\options.ini
2013-08-06 22:44 - 2013-07-17 16:26 - 00000000 ____D C:\Program Files\CCleaner
2013-08-06 22:20 - 2013-08-06 19:42 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TS3Client
2013-08-06 22:06 - 2013-08-06 22:06 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-06 22:05 - 2013-08-06 22:05 - 00000000 ____D C:\Users\Pc\AppData\Local\SWTORPerf
2013-08-06 21:57 - 2013-08-06 21:56 - 00016608 _____ C:\Users\Pc\Documents\Install STAR WARS The Old Republic.log
2013-08-06 21:56 - 2013-08-06 21:56 - 00000000 ____D C:\Users\hedev
2013-08-06 19:42 - 2013-08-06 19:42 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-06 19:42 - 2013-08-06 19:42 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-04 20:26 - 2013-08-04 20:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

Files to move or delete:
====================
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\Setup.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\VisualCRT\vc2008redist_x86.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DSETUP.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\dsetup32.dll
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\software\DirectX\DXSETUP.exe
C:\Users\hedev\AppData\Local\Temp\InstallSWTOR\data\Star Wars - The Old Republic Uninstaller.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-05-09 17:14] - [2012-05-09 17:14] - 0391168 ____A (Microsoft Corporation) EC5BD25A41E9B633CB39120DBB0939DC

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-05-09 17:53] - [2012-05-09 17:53] - 2872320 ____A (Microsoft Corporation) A27FB0CA2971BEC02595902A9FD35D6D

C:\Windows\SysWOW64\explorer.exe
[2012-05-09 17:53] - [2012-05-09 17:53] - 2616320 ____A (Microsoft Corporation) 82B49E32080BF5C469BF877C473B15EB

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2012-05-09 17:23] - [2012-05-09 17:23] - 1008128 ____A (Microsoft Corporation) 7FB4D54B502C6CF2E35B8188FA4CC08C

C:\Windows\SysWOW64\User32.dll
[2012-05-09 17:23] - [2012-05-09 17:23] - 0833024 ____A (Microsoft Corporation) 9B836EE76E3A99052EF6DEA52B41D1BE

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-05-09 17:24] - [2012-05-09 17:24] - 0296816 ____A (Microsoft Corporation) ABFECA99D72CE81E5C3612861F03B0CA



LastRegBack: 2013-09-01 00:59

==================== End Of Log ============================
         
--- --- ---

--- --- ---


k. A. ob das so richtig war, wenn nicht klär mich bitte auf meine Gehirnwindungen gehen halt in eine andere Richtung.

Antwort

Themen zu Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten
pup.dealply.a, pup.optional.babylon.a, pup.optional.datamngr, pup.optional.dealply.a, pup.optional.delta.a, pup.optional.esafe.a, pup.optional.installcore.a, pup.optional.multiplug.a, pup.optional.opencandy, pup.optional.optimizerpro.a, pup.optional.optimzerpro.a, pup.optional.silentinstall.a, pup.optional.sprotect.a, pup.optional.tarma.a, trojan.fakealert.rre, weißer bildschirm, weißes fenster, win32/adware.multiplug.h, windows



Ähnliche Themen: Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten


  1. FRST Logfile analysieren, nach BKA Trojaner, weißer Bildschirm etc
    Log-Analyse und Auswertung - 03.11.2013 (3)
  2. Problem mit Win7 nach der Anmeldung weißer Bildschirm - frst.exe bereits ausgeführt siehe logfile
    Log-Analyse und Auswertung - 30.10.2013 (5)
  3. Weißer Bildschirm nach Anmeldung, kein abgesicherter Modus, kein Taskmanager
    Log-Analyse und Auswertung - 09.07.2013 (13)
  4. Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (9)
  5. Exploit.Drop.UR.2 und Adware Softomate --> weißer Bildschirm nach Film im Internet keine Internetverbindung kein Taskmanager
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (43)
  6. weißer Bildschirm nach Film im Internet keine Internetverbindung kein Taskmanager
    Plagegeister aller Art und deren Bekämpfung - 24.09.2012 (35)
  7. weißer bildschirm, keine taskleiste, kein taskmanager mehr - kein Klicken möglich
    Plagegeister aller Art und deren Bekämpfung - 29.08.2012 (1)
  8. Trojaner, weißer Bildschirm, auch abgesicherter Modus (OTL Logfile bereits vorhanden)
    Log-Analyse und Auswertung - 18.08.2012 (9)
  9. Logfile auswerten bzw. Logfile posten
    Mülltonne - 30.12.2008 (0)
  10. Bitte LogFile durchsehen,Problemmi Taskmanager...
    Mülltonne - 20.07.2008 (0)
  11. Taskmanager lässt sich nicht öffen+logfile
    Log-Analyse und Auswertung - 22.06.2008 (1)
  12. bitte kann mir jemand meine logfile posten. ständig öffnet sich mir ein browser
    Log-Analyse und Auswertung - 20.03.2008 (1)
  13. alles i O mit Logfile ?
    Log-Analyse und Auswertung - 10.09.2007 (1)
  14. möchte mal Infos zu meinem Logfile, Danke
    Mülltonne - 22.04.2007 (0)
  15. iexplore.exe im taskmanager, logfile bitte begutachten
    Log-Analyse und Auswertung - 02.01.2007 (3)
  16. Kann meinen logfile nicht posten!?
    Log-Analyse und Auswertung - 02.01.2005 (2)
  17. Logfile posten
    Log-Analyse und Auswertung - 17.12.2004 (4)

Zum Thema Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten - ich habe beim booten von windows ein weißes fenster und im Tasgmanager den Polizeihinweis- hintergrund. ich habe alle schritte bereits durchgearbeitet und würde nun gern meinen logfile posten - Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten...
Archiv
Du betrachtest: Weißer Bildschirm - Taskmanager mit Polizeihinweis - bis zum Logfile alles durchgespielt - möchte nun logfile posten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.