
Log analysis and evaluation: Windows 7 64bit: PC slow and 50000 .tmp files

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

24.09.2013, 16:25   #1
AuroraXF
 



Hello everyone,

my PC has become very slow lately, so today I decided to simply clean up a bit.
All well and good, it now feels like it runs more smoothly again, but as a precaution I would like to have someone here check whether anything is unusual, because while cleaning up my My Pictures folder I came across around 50000 .tmp files that were 0 bytes in size.
I simply deleted them all, and so far nothing new has appeared.
I had also already run Malwarebytes beforehand and deleted the findings; the log is included.

FRST Log

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by ***** (administrator) on *****-PC on 24-09-2013 16:38:48
Running from C:\Users\*****\Sicherheit
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
( ) C:\Windows\system32\lxcccoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [2342800 2009-05-21] (Microsoft Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
MountPoints2: {c48b0436-419b-11e0-a6b2-1c6f6582f198} - J:\autorun.exe
MountPoints2: {d525353d-140b-11e0-b1b7-1c6f6582f198} - G:\autorun.exe
MountPoints2: {e2e74cab-2069-11e2-a9db-1c6f6582f198} - I:\autorun.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKU\Administrator\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\Administrator\...\Run: [Google Update] - C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-29] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3B13C14D8C9ECD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.searchcompletion.com?si=10195&home=true
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.searchcompletion.com?si=10195&home=true
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=06d5fd690000000000001c6f6582f198
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q={searchTerms}
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\user.js
FF SelectedSearchEngine: Delta Search
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Google Update) - C:\Users\J\u00F6rg\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Wetter von wetter.com) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgapkfcninhaogfjjoohaleiclbhjmnp\1.21_0
CHR Extension: (YouTube) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2003-04-18] ()
R2 lxcc_device; C:\Windows\system32\lxcccoms.exe [566704 2007-03-26] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] ()
S2 XS Stick Service; C:\Windows\service4g.exe [x]
S2 Yontoo Desktop Updater; "C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\*****\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-12-30] ()
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2011-02-26] (Mobile Connector)
S3 DVBUSB_0064_Sevice; C:\Windows\System32\DRIVERS\usb_0064.sys [170016 2008-04-08] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2011-01-16] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2011-01-16] (Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-16] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-16] ()
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10693120 2007-10-16] (Sonix Co. Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-04-08] (Duplex Secure Ltd.)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15104 2012-10-15] (Headsoft)
S3 ALSysIO; \??\C:\Users\JRG~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [x]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013\WNt500x64\Sandra.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 16:38 - 2013-09-24 16:38 - 00000000 ____D C:\FRST
2013-09-24 16:35 - 2013-09-24 16:35 - 00000020 _____ C:\Users\*****\defogger_reenable
2013-09-24 16:13 - 2013-09-24 16:36 - 00000112 _____ C:\Windows\setupact.log
2013-09-24 16:13 - 2013-09-24 16:13 - 00003722 _____ C:\Windows\PFRO.log
2013-09-24 16:13 - 2013-09-24 16:13 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 15:48 - 2013-09-24 16:36 - 00026402 _____ C:\Windows\WindowsUpdate.log
2013-09-24 15:42 - 2013-09-24 15:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-09-24 15:41 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-09-24 15:41 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-09-24 15:41 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-09-24 15:41 - 2013-03-29 17:10 - 00449481 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-09-24 15:41 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-09-24 15:41 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-09-24 15:41 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-09-24 15:41 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-09-24 15:41 - 2013-03-25 17:32 - 03180264 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-09-24 15:41 - 2013-03-20 13:17 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-09-24 15:41 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-09-24 15:41 - 2013-03-20 13:16 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-09-24 15:41 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-09-24 15:41 - 2013-03-15 19:34 - 04957976 _____ (A-volute) C:\Windows\system32\RTKSMlfx.dll
2013-09-24 15:41 - 2013-03-15 19:33 - 00887640 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-09-24 15:41 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-09-24 15:41 - 2013-03-08 12:51 - 00904752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-09-24 15:41 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-09-24 15:41 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-09-24 15:41 - 2013-02-27 05:37 - 00823072 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-09-24 15:41 - 2013-02-27 05:37 - 00633632 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2013-09-24 15:41 - 2013-02-27 05:37 - 00517408 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2013-09-24 15:41 - 2013-02-27 05:37 - 00213792 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-09-24 15:41 - 2013-02-21 17:26 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-09-24 15:41 - 2013-02-21 17:26 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-09-24 15:41 - 2013-02-21 17:25 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-09-24 15:41 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-09-24 15:41 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-09-24 15:41 - 2013-01-17 19:32 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-09-24 15:41 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-09-24 15:41 - 2012-09-10 20:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-09-24 15:41 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-09-24 15:41 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-09-24 15:41 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-09-24 15:41 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-09-24 15:41 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-09-24 15:41 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-09-24 15:41 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-09-24 15:41 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-09-24 15:41 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-09-24 15:41 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-09-24 15:41 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-09-24 15:41 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-09-24 15:41 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-09-24 15:41 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-09-24 15:41 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-09-24 15:41 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-09-24 15:41 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-09-24 15:41 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-09-24 15:41 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-09-24 15:41 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-09-24 15:41 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-09-24 15:41 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-09-24 15:40 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-09-24 15:40 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-09-24 15:40 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-09-24 15:40 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-09-24 15:40 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-09-24 15:40 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-09-24 15:40 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-09-24 15:40 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-09-24 15:34 - 2013-08-27 14:08 - 00883928 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-09-24 15:34 - 2013-08-27 14:08 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2013-09-24 15:34 - 2013-08-27 14:08 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-09-24 15:32 - 2013-09-24 15:32 - 00000000 ____D C:\ProgramData\ATI
2013-09-24 15:31 - 2013-09-24 15:31 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309241531329455.log
2013-09-24 15:31 - 2013-09-24 15:31 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-09-24 15:18 - 2013-09-24 15:24 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-24 15:11 - 2012-08-28 14:27 - 00058536 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2013-09-24 14:57 - 2013-09-24 14:57 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-24 14:57 - 2013-09-24 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-24 14:56 - 2013-09-24 14:56 - 00281896 _____ (Mozilla) C:\Users\*****\Downloads\Firefox Setup Stub 24.0.exe
2013-09-24 14:55 - 2013-09-24 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\Win7codecs
2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-09-24 14:34 - 2013-09-24 14:35 - 15273288 _____ (FinalWire Ltd.                                              ) C:\Users\*****\Downloads\aida64extreme320.exe
2013-09-20 17:36 - 2013-09-22 14:17 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-13 21:05 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 21:05 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 21:05 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 21:05 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 21:05 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 21:05 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 21:05 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 21:05 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 21:05 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 21:05 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 21:05 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 21:05 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 17:16 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 17:16 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 17:16 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 17:16 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 17:16 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 17:16 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 17:16 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 17:16 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 17:16 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 17:16 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 17:16 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 17:16 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 17:16 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 17:16 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 17:16 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 17:16 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 17:16 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 17:16 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 17:16 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 17:16 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 17:16 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:16 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 17:16 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 17:16 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 17:16 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 18:28 - 2013-09-20 14:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-10 17:46 - 2013-09-13 21:05 - 00000000 ____D C:\Windows\system32\MRT
2013-08-31 02:14 - 2013-08-31 02:14 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 08215992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-08-31 02:11 - 2013-08-31 02:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-08-31 01:48 - 2013-08-31 01:48 - 00229376 _____ C:\Windows\system32\clinfo.exe
2013-08-31 01:48 - 2013-08-31 01:48 - 00127488 _____ (AMD) C:\Windows\system32\coinst_13.152.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2013-08-31 01:45 - 2013-08-31 01:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2013-08-31 01:43 - 2013-08-31 01:43 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-08-31 01:43 - 2013-08-31 01:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-08-31 01:35 - 2013-08-31 01:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\system32\atiapfxx.blb
2013-08-31 01:18 - 2013-08-31 01:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-08-31 01:18 - 2013-08-31 01:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-08-31 01:17 - 2013-08-31 01:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-08-31 01:14 - 2013-08-31 01:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-08-31 01:13 - 2013-08-31 01:13 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-08-31 01:04 - 2013-08-31 01:04 - 03388672 _____ C:\Windows\system32\atiumd6a.cap
2013-08-31 00:59 - 2013-08-31 00:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-08-31 00:58 - 2013-08-31 00:58 - 00571904 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-08-31 00:58 - 2013-08-31 00:58 - 00026112 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-08-31 00:57 - 2013-08-31 00:57 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-08-31 00:56 - 2013-08-31 00:56 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-08-31 00:50 - 2013-08-31 00:50 - 03422720 _____ C:\Windows\SysWOW64\atiumdva.cap
2013-08-31 00:33 - 2013-08-31 00:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-08-31 00:33 - 2013-08-31 00:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-08-31 00:33 - 2013-08-31 00:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-08-31 00:32 - 2013-08-31 00:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-08-30 19:58 - 2013-08-30 19:58 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2013-08-30 19:53 - 2013-08-30 19:53 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2013-08-27 21:06 - 2013-08-27 21:06 - 00233652 _____ C:\Windows\system32\ativvaxy_cik.dat
2013-08-27 19:27 - 2013-08-27 19:27 - 00082336 _____ C:\Windows\system32\ativce02.dat
2013-08-26 12:06 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-26 12:06 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-26 12:06 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-26 12:06 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-26 12:06 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-26 12:06 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-26 12:06 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-26 12:06 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-26 12:06 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-26 12:06 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-26 12:05 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-26 12:05 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-26 12:05 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-26 12:05 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-26 12:05 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-26 12:05 - 2013-06-15 06:35 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-26 12:05 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-24 16:38 - 2013-09-24 16:38 - 00000000 ____D C:\FRST
2013-09-24 16:36 - 2013-09-24 16:13 - 00000112 _____ C:\Windows\setupact.log
2013-09-24 16:36 - 2013-09-24 15:48 - 00026402 _____ C:\Windows\WindowsUpdate.log
2013-09-24 16:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 16:35 - 2013-09-24 16:35 - 00000020 _____ C:\Users\*****\defogger_reenable
2013-09-24 16:35 - 2012-01-22 19:07 - 00000000 ___RD C:\Users\*****\Sicherheit
2013-09-24 16:35 - 2010-12-29 16:22 - 00000000 ____D C:\Users\*****
2013-09-24 16:28 - 2012-09-29 22:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 16:20 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 16:20 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 16:13 - 2013-09-24 16:13 - 00003722 _____ C:\Windows\PFRO.log
2013-09-24 16:13 - 2013-09-24 16:13 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 16:11 - 2012-09-29 16:41 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000UA.job
2013-09-24 16:04 - 2011-02-27 18:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-24 16:02 - 2013-02-10 11:39 - 00096256 ___SH C:\Users\*****\Thumbs.db
2013-09-24 15:48 - 2011-03-01 12:46 - 00000000 ____D C:\Windows\Minidump
2013-09-24 15:43 - 2013-09-24 15:42 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-09-24 15:39 - 2010-12-29 16:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-24 15:36 - 2010-12-29 16:44 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-09-24 15:32 - 2013-09-24 15:32 - 00000000 ____D C:\ProgramData\ATI
2013-09-24 15:31 - 2013-09-24 15:31 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309241531329455.log
2013-09-24 15:31 - 2013-09-24 15:31 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-09-24 15:31 - 2012-11-11 11:32 - 00000000 ____D C:\ProgramData\AMD
2013-09-24 15:30 - 2010-12-29 16:33 - 00000000 ____D C:\Program Files\ATI Technologies
2013-09-24 15:24 - 2013-09-24 15:18 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-24 15:22 - 2011-02-27 17:47 - 01584728 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-24 15:22 - 2009-07-14 19:58 - 00698986 _____ C:\Windows\system32\perfh007.dat
2013-09-24 15:22 - 2009-07-14 19:58 - 00149126 _____ C:\Windows\system32\perfc007.dat
2013-09-24 15:22 - 2009-07-14 07:13 - 01639746 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-24 14:57 - 2013-09-24 14:57 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-24 14:57 - 2013-09-24 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-24 14:57 - 2012-12-09 14:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-24 14:56 - 2013-09-24 14:56 - 00281896 _____ (Mozilla) C:\Users\*****\Downloads\Firefox Setup Stub 24.0.exe
2013-09-24 14:55 - 2013-09-24 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\Win7codecs
2013-09-24 14:55 - 2010-12-30 13:53 - 00000000 ____D C:\ProgramData\Win7codecs
2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-09-24 14:35 - 2013-09-24 14:34 - 15273288 _____ (FinalWire Ltd.                                              ) C:\Users\*****\Downloads\aida64extreme320.exe
2013-09-24 14:11 - 2012-09-29 16:41 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000Core.job
2013-09-24 13:59 - 2012-03-04 19:04 - 00000000 ____D C:\Users\*****\AppData\Roaming\GHISLER
2013-09-24 13:58 - 2012-02-10 11:52 - 00000000 ____D C:\Users\*****\AppData\Local\Samsung
2013-09-24 13:58 - 2012-02-09 13:50 - 00000000 ____D C:\ProgramData\Samsung
2013-09-24 13:55 - 2012-01-22 17:14 - 00000000 ____D C:\Program Files (x86)\Polar
2013-09-24 13:54 - 2013-01-01 17:17 - 00000000 ____D C:\ProgramData\BlueStacks
2013-09-24 13:54 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-24 13:51 - 2012-04-06 09:48 - 00000000 ____D C:\Users\*****\AppData\Local\Thunderbird
2013-09-24 13:44 - 2011-11-27 16:31 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-09-24 13:42 - 2012-05-16 11:39 - 00000000 ____D C:\Users\*****\AppData\Roaming\uTorrent
2013-09-22 14:17 - 2013-09-20 17:36 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-20 16:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-20 14:28 - 2013-09-10 18:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-20 14:28 - 2012-09-29 22:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 14:28 - 2012-09-29 22:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 14:28 - 2011-11-18 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 21:28 - 2010-12-29 16:23 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 21:28 - 2010-12-29 16:23 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 21:28 - 2009-07-14 06:45 - 00340120 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 21:05 - 2013-09-10 17:46 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 21:02 - 2011-03-06 11:34 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 21:02 - 2011-01-09 16:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 16:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-31 02:14 - 2013-08-31 02:14 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-08-31 02:14 - 2010-11-26 04:16 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 08215992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-08-31 02:13 - 2010-11-26 04:57 - 01233080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2013-08-31 02:13 - 2010-11-26 04:40 - 09464840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2013-08-31 02:11 - 2013-08-31 02:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-08-31 01:48 - 2013-08-31 01:48 - 00229376 _____ C:\Windows\system32\clinfo.exe
2013-08-31 01:48 - 2013-08-31 01:48 - 00127488 _____ (AMD) C:\Windows\system32\coinst_13.152.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2013-08-31 01:45 - 2013-08-31 01:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2013-08-31 01:43 - 2013-08-31 01:43 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-08-31 01:43 - 2013-08-31 01:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-08-31 01:35 - 2013-08-31 01:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\system32\atiapfxx.blb
2013-08-31 01:18 - 2013-08-31 01:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-08-31 01:18 - 2013-08-31 01:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-08-31 01:17 - 2013-08-31 01:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-08-31 01:14 - 2013-08-31 01:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-08-31 01:13 - 2013-08-31 01:13 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-08-31 01:04 - 2013-08-31 01:04 - 03388672 _____ C:\Windows\system32\atiumd6a.cap
2013-08-31 00:59 - 2013-08-31 00:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-08-31 00:58 - 2013-08-31 00:58 - 00571904 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-08-31 00:58 - 2013-08-31 00:58 - 00026112 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-08-31 00:57 - 2013-08-31 00:57 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-08-31 00:56 - 2013-08-31 00:56 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-08-31 00:50 - 2013-08-31 00:50 - 03422720 _____ C:\Windows\SysWOW64\atiumdva.cap
2013-08-31 00:33 - 2013-08-31 00:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-08-31 00:33 - 2013-08-31 00:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-08-31 00:33 - 2013-08-31 00:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-08-31 00:32 - 2013-08-31 00:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-08-30 19:58 - 2013-08-30 19:58 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2013-08-30 19:53 - 2013-08-30 19:53 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2013-08-27 21:06 - 2013-08-27 21:06 - 00233652 _____ C:\Windows\system32\ativvaxy_cik.dat
2013-08-27 19:27 - 2013-08-27 19:27 - 00082336 _____ C:\Windows\system32\ativce02.dat
2013-08-27 14:08 - 2013-09-24 15:34 - 00883928 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-08-27 14:08 - 2013-09-24 15:34 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2013-08-27 14:08 - 2013-09-24 15:34 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-08-26 11:58 - 2011-01-14 19:06 - 00000000 ____D C:\Program Files\Lx_cats

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\SpotifyUninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 12:56

==================== End Of Log ============================
         

Addition Log

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2013
Ran by ***** at 2013-09-24 16:40:28
Running from C:\Users\*****\Sicherheit
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
AGEIA PhysX v7.07.24 (x32 Version: 7.07.24)
AIDA64 Extreme Edition v3.20 (x32 Version: 3.20)
Alt.Binz 0.39.4 (x32 Version: 0.39.4)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0830.1944.33589)
AMD Media Foundation Decoders (Version: 1.0.80830.1925)
Amnesia - The Dark Descent  (x32 Version: 1.0.0)
Assassin's Creed (x32 Version: 1.00)
ATI AVIVO64 Codecs (Version: 11.6.0.51125)
ATI Problem Report Wizard (Version: 3.0.804.0)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589)
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589)
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589)
CCC Help Czech (x32 Version: 2013.0830.1943.33589)
CCC Help Danish (x32 Version: 2013.0830.1943.33589)
CCC Help Dutch (x32 Version: 2013.0830.1943.33589)
CCC Help English (x32 Version: 2013.0830.1943.33589)
CCC Help Finnish (x32 Version: 2013.0830.1943.33589)
CCC Help French (x32 Version: 2013.0830.1943.33589)
CCC Help German (x32 Version: 2013.0830.1943.33589)
CCC Help Greek (x32 Version: 2013.0830.1943.33589)
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589)
CCC Help Italian (x32 Version: 2013.0830.1943.33589)
CCC Help Japanese (x32 Version: 2013.0830.1943.33589)
CCC Help Korean (x32 Version: 2013.0830.1943.33589)
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589)
CCC Help Polish (x32 Version: 2013.0830.1943.33589)
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589)
CCC Help Russian (x32 Version: 2013.0830.1943.33589)
CCC Help Spanish (x32 Version: 2013.0830.1943.33589)
CCC Help Swedish (x32 Version: 2013.0830.1943.33589)
CCC Help Thai (x32 Version: 2013.0830.1943.33589)
CCC Help Turkish (x32 Version: 2013.0830.1943.33589)
ccc-utility64 (Version: 2013.0830.1944.33589)
CCleaner (Version: 3.03)
CDBurnerXP (x32 Version: 4.4.1.3099)
Cinergy S USB V1.04.02.04 (x32 Version: 1.04.02.04)
Cold War Crisis Release 1.5 (x32 Version: Release 1.5)
Command & Conquer Generals (x32 Version: 0.50.0000)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000)
Counter-Strike 1.6 DiGiTALZONE (x32)
Crazy Machines II (x32 Version: 1.00)
Crysis WARHEAD(R) (x32 Version: 1.0)
Crysis WARHEAD(R) (x32)
Crysis(R) (x32 Version: 1.20.0000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Defraggler (Version: 2.02)
DIE SIEDLER - Das Erbe der Könige - Gold Edition (x32 Version: 1.00.0000)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000)
Epson Easy Photo Print 2 (x32 Version: 2.2.4.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000)
EPSON Scan (x32)
EPSON SX130 Series Printer Uninstall
FIFA 13 (x32 Version: 1.5.0.0)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
Google Chrome (HKCU Version: 29.0.1547.76)
Hama Webcam AC-150 (x32 Version: Hama Webcam AC-150)
HijackThis 2.0.2 (x32 Version: 2.0.2)
ImgBurn (x32 Version: 2.5.6.0)
IrfanView (remove only) (x32 Version: 4.32)
Java Auto Updater (x32 Version: 2.0.7.1)
Java(TM) 6 Update 35 (x32 Version: 6.0.350)
Lexmark 3300 Series
Lexmark Fax-Lösungen
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliType Pro 7.0 (Version: 7.0.260.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
mIRC (x32 Version: 7.22)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001)
PlanetSide 2 (2) (HKCU Version: 1.0.3.183)
PlanetSide 2 PSG (HKCU Version: 1.0.3.183)
Pro Evolution Soccer 2013 (x32 Version: 1.00.0000)
Realtek Ethernet Controller Driver (x32 Version: 7.75.827.2013)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
S.T.A.L.K.E.R. - Clear Sky (x32 Version: 1.0001)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.103.0)
Skispringen 2007 (x32)
Sniper - Art of Victory (x32)
SopCast 3.5.0 (x32 Version: 3.5.0)
StarCraft II (x32 Version: 1.0.0.16117)
TeamSpeak 3 Client (x32 Version: 3.0.6)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
VLC media player 2.0.0 (x32 Version: 2.0.0)
Win7codecs (x32 Version: 2.7.1)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
XSManager (x32 Version: 3.0)

==================== Restore Points  =========================

10-09-2013 18:21:33 Windows Update
12-09-2013 18:42:09 Windows Update
13-09-2013 18:47:00 Windows Update
18-09-2013 15:52:21 Windows Update
22-09-2013 11:40:28 Windows Update
24-09-2013 11:52:12 Removed Notification Center
24-09-2013 11:55:02 Removed Polar Daemon.
24-09-2013 11:55:24 Removed Polar WebSync.
24-09-2013 11:57:06 Removed Samsung Kies
24-09-2013 11:59:56 WER WIRD MILLIONÄR VIERTE EDITION wird entfernt
24-09-2013 12:55:41 SiSoftware Sandra Lite
24-09-2013 13:18:06 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
24-09-2013 13:24:38 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
24-09-2013 13:33:52 Entfernt Realtek Ethernet Controller Driver
24-09-2013 13:34:31 Installiert Realtek Ethernet Controller Driver

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {159AA9AD-6F40-4717-B1B5-527D1F778A9B} - System32\Tasks\{A752A1DF-7355-4BA8-8620-9550E8FFB555} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe [2007-11-11] (Crytek GmbH)
Task: {5CD63A29-D66F-4D11-A6A1-F9F437C9714B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5E62CEDF-C2DA-4731-9BDC-DC18BAA7BBCF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {6431D238-BA4B-49B9-AE0A-93EF8D598317} - System32\Tasks\{24C69FE3-49D3-4297-B8F7-2CE8DEEBE81F} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe [2007-11-11] (Crytek GmbH)
Task: {644E1B77-43A7-4173-B993-490427384072} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-05-21] (Microsoft Corporation)
Task: {761A72C1-5FC9-4FCA-A439-2F6D389C37FA} - System32\Tasks\{6DE7DD77-671E-407C-8567-B9F93AD89618} => C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe [2013-03-05] (Sony Online Entertainment)
Task: {A619AC91-90A1-4DBC-BFBF-C02945915525} - \DealPlyUpdate No Task File
Task: {A95F15A7-58CA-4036-B222-F38024FFD8A8} - System32\Tasks\{5FCB2E70-3758-4377-9DDD-414BB2757FD4} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe [2007-11-11] (Crytek GmbH)
Task: {C4F7C3DB-C4D1-4442-928D-0159EA612900} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29] (Google Inc.)
Task: {F911B24B-02FD-4C18-AB78-90BEAF0BBE3B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-09-17 17:43 - 2009-08-24 10:10 - 00430592 _____ (SEIKO EPSON CORPORATION / CyCom Technology Corp.) C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2011-11-27 16:12 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-01-03 12:29 - 2011-01-03 12:29 - 00178800 _____ (Sony DADC Austria AG.) c:\windows\SysWOW64\cmdlineext_x64.dll
2013-08-30 19:46 - 2013-08-30 19:46 - 00037888 _____ (AMD) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.ImplementationNet4.dll
2013-08-30 19:47 - 2013-08-30 19:47 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-09-12 17:16 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 17:16 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2013-09-12 17:16 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll
2012-02-18 17:52 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll
2011-07-23 10:15 - 2010-11-20 14:08 - 00311296 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll
2011-07-23 10:15 - 2010-11-20 14:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll
2011-07-23 10:15 - 2010-11-20 14:18 - 00640512 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll
2009-07-14 01:11 - 2009-07-14 03:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2013-08-26 12:05 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll
2012-09-15 09:42 - 2012-06-02 06:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\syswow64\SspiCli.dll
2009-07-14 01:12 - 2009-07-14 03:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPTBASE.dll
2009-07-14 01:25 - 2009-07-14 03:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.dll
2011-07-23 10:15 - 2010-11-20 14:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll
2011-07-23 10:15 - 2010-11-20 14:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll
2011-07-23 10:15 - 2010-11-20 14:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll
2011-07-22 12:52 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\syswow64\CFGMGR32.dll
2011-10-14 19:51 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll
2011-07-23 10:15 - 2010-11-20 14:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll
2011-07-22 12:52 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\syswow64\DEVOBJ.dll
2013-09-12 17:16 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll
2009-07-14 01:28 - 2009-07-14 03:15 - 00828928 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll
2011-07-23 10:15 - 2010-11-20 14:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll
2013-08-26 12:06 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.dll
2013-08-26 12:06 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPT32.dll
2011-07-23 10:15 - 2010-11-20 14:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\syswow64\MSASN1.dll
2011-07-23 10:15 - 2010-11-20 14:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll
2013-09-24 14:57 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2009-07-14 01:15 - 2009-07-14 03:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL
2009-07-14 01:44 - 2009-07-14 03:15 - 00522240 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL
2013-09-13 21:05 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll
2009-07-14 01:15 - 2009-07-14 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\syswow64\normaliz.DLL
2013-09-13 21:05 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll
2011-07-23 10:15 - 2010-11-20 14:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2013 04:02:38 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 694

Startzeit: 01ceb92c4e849e9b

Endzeit: 31

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: efde515a-2521-11e3-8c78-1c6f6582f198

Error: (09/23/2013 09:11:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1310
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3

Error: (09/22/2013 08:32:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x988
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3

Error: (09/22/2013 05:45:10 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/22/2013 03:35:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xc80
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3

Error: (09/22/2013 10:55:07 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/21/2013 02:59:25 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/21/2013 02:55:45 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xdbc
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3

Error: (09/21/2013 00:11:36 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/20/2013 08:59:43 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x5233a3bb
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1064
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3


System errors:
=============
Error: (09/24/2013 04:15:01 PM) (Source: Service Control Manager) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/24/2013 03:57:05 PM) (Source: Service Control Manager) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/24/2013 03:07:32 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎24.‎09.‎2013 um 15:05:39 unerwartet heruntergefahren.

Error: (09/24/2013 02:03:23 PM) (Source: Service Control Manager) (User: )
Description: Dienst "JMB36X" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/24/2013 02:03:16 PM) (Source: Service Control Manager) (User: )
Description: Dienst "XS Stick Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/24/2013 01:42:12 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Polar Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/24/2013 01:41:54 PM) (Source: Service Control Manager) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/22/2013 05:45:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (09/22/2013 05:44:44 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎22.‎09.‎2013 um 17:42:31 unerwartet heruntergefahren.

Error: (09/22/2013 01:28:30 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.159.415.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.3.0215.00

	Quellpfad: 4.3.0215.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office Sessions:
=========================
Error: (09/24/2013 04:02:38 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.1751469401ceb92c4e849e9b31C:\Windows\Explorer.EXEefde515a-2521-11e3-8c78-1c6f6582f198

Error: (09/23/2013 09:11:15 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41f131001ceb8750a854127C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dllea33e047-2483-11e3-9de2-1c6f6582f198

Error: (09/22/2013 08:32:01 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41f98801ceb7ab3e439f7aC:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dll44fb1a2c-23b5-11e3-a097-1c6f6582f198

Error: (09/22/2013 05:45:10 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/22/2013 03:35:10 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41fc8001ceb78c558f4044C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dllccc120e2-238b-11e3-aec1-1c6f6582f198

Error: (09/22/2013 10:55:07 AM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/21/2013 02:59:25 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/21/2013 02:55:45 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41fdbc01ceb6ba8beedc33C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dll207be4bb-22bd-11e3-8acb-1c6f6582f198

Error: (09/21/2013 00:11:36 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/20/2013 08:59:43 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.05233a3bbKERNELBASE.dll6.1.7601.1822951fb1116c00000050000c41f106401ceb630711e67b7C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dllcea7602c-2226-11e3-8aa2-1c6f6582f198


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 4093.55 MB
Available physical RAM: 2618.32 MB
Total Pagefile: 8185.29 MB
Available Pagefile: 6532.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:365.66 GB) (Free:134.94 GB) NTFS
Drive d: () (Fixed) (Total:100 GB) (Free:99.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 55DA9CB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=366 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=100 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

GMER Log

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-24 16:55:53
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-001CA0 rev.15.01H15 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\JRG~1\AppData\Local\Temp\kxldypod.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:1560]                                              0000000077823e85
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:2144]                                              0000000075507587
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:3212]                                              000000007277758a
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:3980]                                              0000000077822e65
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:964]                                               0000000077823e85
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3200:4780]                                              0000000077823e85

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                    
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                 1
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                              0xFF 0x7E 0x47 0xCE ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files (x86)\DAEMON Tools Lite\
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0x00 0x00 0x00 0x00 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x5A 0xE7 0xB5 0xD5 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x05 0xFA 0x8D 0xC1 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x36 0x80 0xC3 0x2D ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1                      
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                0x36 0x80 0xC3 0x2D ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                     1
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                  0xFF 0x7E 0x47 0xCE ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files (x86)\DAEMON Tools Lite\
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0x00 0x00 0x00 0x00 ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x5A 0xE7 0xB5 0xD5 ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x05 0xFA 0x8D 0xC1 ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x36 0x80 0xC3 0x2D ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                    0x36 0x80 0xC3 0x2D ...

---- EOF - GMER 2.1 ----
         
Malwarebytes Log

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.24.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
***** :: *****-PC [Administrator]

24.09.2013 16:06:04
mbam-log-2013-09-24 (16-06-04).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 223236
Laufzeit: 5 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 14
HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok (PUP.Optional.ATDheNetTVAp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: 11111111 -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\DealPly|ChromeCrxPath (PUP.Optional.DealPly.A) -> Daten: C:\Program Files (x86)\DealPly\DealPly.crx -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: 11111111 -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=06d5fd690000000000001c6f6582f198) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 4
C:\Users\*****\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 9
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\*****\Downloads\DTLite4461-0328.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Public\Downloads\DTLite4461-0328.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\*****\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Kind regards

24.09.2013, 17:28   #2
schrauber
/// the machine
/// TB-Ausbilder

hi,

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

25.09.2013, 12:24   #3
AuroraXF

ADWCleaner Log

Code:
# AdwCleaner v3.005 - Bericht erstellt am 25/09/2013 um 12:56:59
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : ***** - *****-PC
# Gestartet von : C:\Users\*****\Sicherheit\adwcleaner\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : Yontoo Desktop Updater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\Gophoto.it
Ordner Gelöscht : C:\Users\*****\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\*****\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\*****\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\jetpack
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKCU\Software\5b08adce268ea48
Schlüssel Gelöscht : HKLM\SOFTWARE\5b08adce268ea48
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\SimplyGen
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Delta Search");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119816&babsrc=NT_ss&mntrId=06d5fd690000000000001c6f6582f198");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "25");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "F87317787A2762A8601D437A95E4FCC2");
Zeile gelöscht : user_pref("extensions.delta.id", "06d5fd690000000000001c6f6582f198");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15762");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.10.021:41:36");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.sg", "azb");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.010:48:15");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0");
Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);

-\\ Google Chrome v

[ Datei : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9776 octets] - [25/09/2013 12:54:46]
AdwCleaner[S0].txt - [8482 octets] - [25/09/2013 12:56:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8542 octets] ##########
         

JRT Log

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Windows 7 Ultimate x64
Ran by ***** on 25.09.2013 at 13:04:03,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4071852959-998558986-2337029572-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\firstrowsportapp.com"



~~~ FireFox

Emptied folder: C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\vz4gw313.default\minidumps [19 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.09.2013 at 13:08:16,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by ***** (administrator) on *****-PC on 25-09-2013 13:11:31
Running from C:\Users\*****\Sicherheit\FRST64
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
( ) C:\Windows\system32\lxcccoms.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [2342800 2009-05-21] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
MountPoints2: {c48b0436-419b-11e0-a6b2-1c6f6582f198} - J:\autorun.exe
MountPoints2: {d525353d-140b-11e0-b1b7-1c6f6582f198} - G:\autorun.exe
MountPoints2: {e2e74cab-2069-11e2-a9db-1c6f6582f198} - I:\autorun.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKU\Administrator\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\Administrator\...\Run: [Google Update] - C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-29] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3B13C14D8C9ECD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vz4gw313.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Google Update) - C:\Users\J\u00F6rg\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Wetter von wetter.com) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgapkfcninhaogfjjoohaleiclbhjmnp\1.21_0
CHR Extension: (YouTube) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\JRG~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2003-04-18] ()
R2 lxcc_device; C:\Windows\system32\lxcccoms.exe [566704 2007-03-26] ( )
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] ()
S2 XS Stick Service; C:\Windows\service4g.exe [x]

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-12-30] ()
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2011-02-26] (Mobile Connector)
S3 DVBUSB_0064_Sevice; C:\Windows\System32\DRIVERS\usb_0064.sys [170016 2008-04-08] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2011-01-16] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2011-01-16] (Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-16] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-16] ()
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10693120 2007-10-16] (Sonix Co. Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-04-08] (Duplex Secure Ltd.)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15104 2012-10-15] (Headsoft)
S3 ALSysIO; \??\C:\Users\JRG~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [x]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013\WNt500x64\Sandra.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-25 13:08 - 2013-09-25 13:08 - 00001532 _____ C:\Users\*****\Desktop\JRT.txt
2013-09-25 13:03 - 2013-09-25 13:03 - 00001443 _____ C:\Users\*****\Desktop\JRT.exe - Verknüpfung.lnk
2013-09-25 13:03 - 2013-09-25 13:03 - 00000000 ____D C:\Windows\ERUNT
2013-09-25 12:54 - 2013-09-25 12:57 - 00000000 ____D C:\AdwCleaner
2013-09-24 16:38 - 2013-09-24 16:38 - 00000000 ____D C:\FRST
2013-09-24 16:35 - 2013-09-24 16:35 - 00000020 _____ C:\Users\*****\defogger_reenable
2013-09-24 16:13 - 2013-09-25 12:59 - 00001008 _____ C:\Windows\setupact.log
2013-09-24 16:13 - 2013-09-24 16:13 - 00003722 _____ C:\Windows\PFRO.log
2013-09-24 16:13 - 2013-09-24 16:13 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 15:48 - 2013-09-25 12:58 - 00158771 _____ C:\Windows\WindowsUpdate.log
2013-09-24 15:42 - 2013-09-24 15:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-09-24 15:41 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-09-24 15:41 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-09-24 15:41 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-09-24 15:41 - 2013-03-29 17:10 - 00449481 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-09-24 15:41 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-09-24 15:41 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-09-24 15:41 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-09-24 15:41 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-09-24 15:41 - 2013-03-25 17:32 - 03180264 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-09-24 15:41 - 2013-03-20 13:17 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-09-24 15:41 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-09-24 15:41 - 2013-03-20 13:16 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-09-24 15:41 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-09-24 15:41 - 2013-03-15 19:34 - 04957976 _____ (A-volute) C:\Windows\system32\RTKSMlfx.dll
2013-09-24 15:41 - 2013-03-15 19:33 - 00887640 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-09-24 15:41 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-09-24 15:41 - 2013-03-08 12:51 - 00904752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-09-24 15:41 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-09-24 15:41 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-09-24 15:41 - 2013-02-27 05:37 - 00823072 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-09-24 15:41 - 2013-02-27 05:37 - 00633632 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2013-09-24 15:41 - 2013-02-27 05:37 - 00517408 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2013-09-24 15:41 - 2013-02-27 05:37 - 00213792 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-09-24 15:41 - 2013-02-21 17:26 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-09-24 15:41 - 2013-02-21 17:26 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-09-24 15:41 - 2013-02-21 17:25 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-09-24 15:41 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-09-24 15:41 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-09-24 15:41 - 2013-01-17 19:32 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-09-24 15:41 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-09-24 15:41 - 2012-09-10 20:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-09-24 15:41 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-09-24 15:41 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-09-24 15:41 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-09-24 15:41 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-09-24 15:41 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-09-24 15:41 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-09-24 15:41 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-09-24 15:41 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-09-24 15:41 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-09-24 15:41 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-09-24 15:41 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-09-24 15:41 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-09-24 15:41 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-09-24 15:41 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-09-24 15:41 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-09-24 15:41 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-09-24 15:41 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-09-24 15:41 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-09-24 15:41 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-09-24 15:41 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-09-24 15:41 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-09-24 15:41 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-09-24 15:41 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-09-24 15:40 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-09-24 15:40 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-09-24 15:40 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-09-24 15:40 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-09-24 15:40 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-09-24 15:40 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-09-24 15:40 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-09-24 15:40 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-09-24 15:40 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-09-24 15:34 - 2013-08-27 14:08 - 00883928 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-09-24 15:34 - 2013-08-27 14:08 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2013-09-24 15:34 - 2013-08-27 14:08 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-09-24 15:32 - 2013-09-24 15:32 - 00000000 ____D C:\ProgramData\ATI
2013-09-24 15:31 - 2013-09-24 15:31 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309241531329455.log
2013-09-24 15:31 - 2013-09-24 15:31 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-09-24 15:18 - 2013-09-24 15:24 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-24 15:11 - 2012-08-28 14:27 - 00058536 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2013-09-24 14:57 - 2013-09-24 14:57 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-24 14:57 - 2013-09-24 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-24 14:56 - 2013-09-24 14:56 - 00281896 _____ (Mozilla) C:\Users\*****\Downloads\Firefox Setup Stub 24.0.exe
2013-09-24 14:55 - 2013-09-24 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\Win7codecs
2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-09-24 14:34 - 2013-09-24 14:35 - 15273288 _____ (FinalWire Ltd.                                              ) C:\Users\*****\Downloads\aida64extreme320.exe
2013-09-20 17:36 - 2013-09-22 14:17 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-13 21:05 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 21:05 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 21:05 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 21:05 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 21:05 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 21:05 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 21:05 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 21:05 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 21:05 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 21:05 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 21:05 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 21:05 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 21:05 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 21:05 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 17:16 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 17:16 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 17:16 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 17:16 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 17:16 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 17:16 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 17:16 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 17:16 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 17:16 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 17:16 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 17:16 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 17:16 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 17:16 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 17:16 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 17:16 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 17:16 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 17:16 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 17:16 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 17:16 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 17:16 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 17:16 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:16 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 17:16 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 17:16 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 17:16 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 18:28 - 2013-09-20 14:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-10 17:46 - 2013-09-13 21:05 - 00000000 ____D C:\Windows\system32\MRT
2013-08-31 02:14 - 2013-08-31 02:14 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 08215992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-08-31 02:11 - 2013-08-31 02:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-08-31 01:48 - 2013-08-31 01:48 - 00229376 _____ C:\Windows\system32\clinfo.exe
2013-08-31 01:48 - 2013-08-31 01:48 - 00127488 _____ (AMD) C:\Windows\system32\coinst_13.152.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2013-08-31 01:45 - 2013-08-31 01:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2013-08-31 01:43 - 2013-08-31 01:43 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-08-31 01:43 - 2013-08-31 01:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-08-31 01:35 - 2013-08-31 01:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\system32\atiapfxx.blb
2013-08-31 01:18 - 2013-08-31 01:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-08-31 01:18 - 2013-08-31 01:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-08-31 01:17 - 2013-08-31 01:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-08-31 01:14 - 2013-08-31 01:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-08-31 01:13 - 2013-08-31 01:13 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-08-31 01:04 - 2013-08-31 01:04 - 03388672 _____ C:\Windows\system32\atiumd6a.cap
2013-08-31 00:59 - 2013-08-31 00:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-08-31 00:58 - 2013-08-31 00:58 - 00571904 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-08-31 00:58 - 2013-08-31 00:58 - 00026112 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-08-31 00:57 - 2013-08-31 00:57 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-08-31 00:56 - 2013-08-31 00:56 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-08-31 00:50 - 2013-08-31 00:50 - 03422720 _____ C:\Windows\SysWOW64\atiumdva.cap
2013-08-31 00:33 - 2013-08-31 00:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-08-31 00:33 - 2013-08-31 00:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-08-31 00:33 - 2013-08-31 00:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-08-31 00:32 - 2013-08-31 00:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-08-30 19:58 - 2013-08-30 19:58 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2013-08-30 19:53 - 2013-08-30 19:53 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2013-08-27 21:06 - 2013-08-27 21:06 - 00233652 _____ C:\Windows\system32\ativvaxy_cik.dat
2013-08-27 19:27 - 2013-08-27 19:27 - 00082336 _____ C:\Windows\system32\ativce02.dat
2013-08-26 12:06 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-26 12:06 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-26 12:06 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-26 12:06 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-26 12:06 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-26 12:06 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-26 12:06 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-26 12:06 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-26 12:06 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-26 12:06 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-26 12:05 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-26 12:05 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-26 12:05 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-26 12:05 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-26 12:05 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-26 12:05 - 2013-06-15 06:35 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-26 12:05 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-25 13:11 - 2012-09-29 16:41 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000UA.job
2013-09-25 13:08 - 2013-09-25 13:08 - 00001532 _____ C:\Users\*****\Desktop\JRT.txt
2013-09-25 13:06 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-25 13:06 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-25 13:03 - 2013-09-25 13:03 - 00001443 _____ C:\Users\*****\Desktop\JRT.exe - Verknüpfung.lnk
2013-09-25 13:03 - 2013-09-25 13:03 - 00000000 ____D C:\Windows\ERUNT
2013-09-25 13:02 - 2013-09-24 15:48 - 00158771 _____ C:\Windows\WindowsUpdate.log
2013-09-25 13:02 - 2012-01-22 19:07 - 00000000 ___RD C:\Users\*****\Sicherheit
2013-09-25 13:01 - 2012-09-17 17:46 - 00000000 ____D C:\ProgramData\ABBYY
2013-09-25 12:59 - 2013-09-24 16:13 - 00001008 _____ C:\Windows\setupact.log
2013-09-25 12:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-25 12:57 - 2013-09-25 12:54 - 00000000 ____D C:\AdwCleaner
2013-09-24 22:28 - 2012-09-29 22:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 19:09 - 2011-01-03 19:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2013-09-24 17:28 - 2009-07-14 19:58 - 00699154 _____ C:\Windows\system32\perfh007.dat
2013-09-24 17:28 - 2009-07-14 19:58 - 00149294 _____ C:\Windows\system32\perfc007.dat
2013-09-24 17:28 - 2009-07-14 07:13 - 01619544 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-24 16:44 - 2011-02-27 17:47 - 00001912 _____ C:\Windows\epplauncher.mif
2013-09-24 16:44 - 2011-02-27 17:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-09-24 16:38 - 2013-09-24 16:38 - 00000000 ____D C:\FRST
2013-09-24 16:35 - 2013-09-24 16:35 - 00000020 _____ C:\Users\*****\defogger_reenable
2013-09-24 16:35 - 2010-12-29 16:22 - 00000000 ____D C:\Users\*****
2013-09-24 16:13 - 2013-09-24 16:13 - 00003722 _____ C:\Windows\PFRO.log
2013-09-24 16:13 - 2013-09-24 16:13 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 16:04 - 2011-02-27 18:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-24 16:02 - 2013-02-10 11:39 - 00096256 ___SH C:\Users\*****\Thumbs.db
2013-09-24 15:48 - 2011-03-01 12:46 - 00000000 ____D C:\Windows\Minidump
2013-09-24 15:43 - 2013-09-24 15:42 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-09-24 15:39 - 2010-12-29 16:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-24 15:36 - 2010-12-29 16:44 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-09-24 15:32 - 2013-09-24 15:32 - 00000000 ____D C:\ProgramData\ATI
2013-09-24 15:31 - 2013-09-24 15:31 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201309241531329455.log
2013-09-24 15:31 - 2013-09-24 15:31 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-09-24 15:31 - 2012-11-11 11:32 - 00000000 ____D C:\ProgramData\AMD
2013-09-24 15:30 - 2010-12-29 16:33 - 00000000 ____D C:\Program Files\ATI Technologies
2013-09-24 15:24 - 2013-09-24 15:18 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-24 15:22 - 2011-02-27 17:47 - 01584728 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-24 14:57 - 2013-09-24 14:57 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-24 14:57 - 2013-09-24 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-24 14:57 - 2012-12-09 14:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-24 14:56 - 2013-09-24 14:56 - 00281896 _____ (Mozilla) C:\Users\*****\Downloads\Firefox Setup Stub 24.0.exe
2013-09-24 14:55 - 2013-09-24 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\Win7codecs
2013-09-24 14:55 - 2010-12-30 13:53 - 00000000 ____D C:\ProgramData\Win7codecs
2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-09-24 14:35 - 2013-09-24 14:34 - 15273288 _____ (FinalWire Ltd.                                              ) C:\Users\*****\Downloads\aida64extreme320.exe
2013-09-24 14:11 - 2012-09-29 16:41 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071852959-998558986-2337029572-1000Core.job
2013-09-24 13:59 - 2012-03-04 19:04 - 00000000 ____D C:\Users\*****\AppData\Roaming\GHISLER
2013-09-24 13:58 - 2012-02-10 11:52 - 00000000 ____D C:\Users\*****\AppData\Local\Samsung
2013-09-24 13:58 - 2012-02-09 13:50 - 00000000 ____D C:\ProgramData\Samsung
2013-09-24 13:55 - 2012-01-22 17:14 - 00000000 ____D C:\Program Files (x86)\Polar
2013-09-24 13:54 - 2013-01-01 17:17 - 00000000 ____D C:\ProgramData\BlueStacks
2013-09-24 13:54 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-24 13:51 - 2012-04-06 09:48 - 00000000 ____D C:\Users\*****\AppData\Local\Thunderbird
2013-09-24 13:44 - 2011-11-27 16:31 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-09-24 13:42 - 2012-05-16 11:39 - 00000000 ____D C:\Users\*****\AppData\Roaming\uTorrent
2013-09-22 14:17 - 2013-09-20 17:36 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-20 16:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-20 14:28 - 2013-09-10 18:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-20 14:28 - 2012-09-29 22:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 14:28 - 2012-09-29 22:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 14:28 - 2011-11-18 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 21:28 - 2010-12-29 16:23 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 21:28 - 2010-12-29 16:23 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 21:28 - 2009-07-14 06:45 - 00340120 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 21:05 - 2013-09-10 17:46 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 21:02 - 2011-03-06 11:34 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 21:02 - 2011-01-09 16:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 16:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-31 02:14 - 2013-08-31 02:14 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-08-31 02:14 - 2013-08-31 02:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-08-31 02:14 - 2010-11-26 04:16 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 08215992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2013-08-31 02:13 - 2013-08-31 02:13 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-08-31 02:13 - 2010-11-26 04:57 - 01233080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2013-08-31 02:13 - 2010-11-26 04:40 - 09464840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2013-08-31 02:11 - 2013-08-31 02:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2013-08-31 01:48 - 2013-08-31 01:48 - 00229376 _____ C:\Windows\system32\clinfo.exe
2013-08-31 01:48 - 2013-08-31 01:48 - 00127488 _____ (AMD) C:\Windows\system32\coinst_13.152.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2013-08-31 01:47 - 2013-08-31 01:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-08-31 01:47 - 2013-08-31 01:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2013-08-31 01:45 - 2013-08-31 01:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2013-08-31 01:43 - 2013-08-31 01:43 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-08-31 01:43 - 2013-08-31 01:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-08-31 01:35 - 2013-08-31 01:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-08-31 01:18 - 2013-08-31 01:18 - 00530824 _____ C:\Windows\system32\atiapfxx.blb
2013-08-31 01:18 - 2013-08-31 01:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2013-08-31 01:18 - 2013-08-31 01:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-08-31 01:18 - 2013-08-31 01:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-08-31 01:17 - 2013-08-31 01:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2013-08-31 01:14 - 2013-08-31 01:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-08-31 01:13 - 2013-08-31 01:13 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-08-31 01:04 - 2013-08-31 01:04 - 03388672 _____ C:\Windows\system32\atiumd6a.cap
2013-08-31 00:59 - 2013-08-31 00:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-08-31 00:58 - 2013-08-31 00:58 - 00571904 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-08-31 00:58 - 2013-08-31 00:58 - 00026112 _____ (AMD) C:\Windows\system32\atimuixx.dll
2013-08-31 00:57 - 2013-08-31 00:57 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-08-31 00:56 - 2013-08-31 00:56 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2013-08-31 00:50 - 2013-08-31 00:50 - 03422720 _____ C:\Windows\SysWOW64\atiumdva.cap
2013-08-31 00:33 - 2013-08-31 00:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-08-31 00:33 - 2013-08-31 00:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-08-31 00:33 - 2013-08-31 00:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2013-08-31 00:32 - 2013-08-31 00:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-08-31 00:32 - 2013-08-31 00:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2013-08-30 19:58 - 2013-08-30 19:58 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2013-08-30 19:53 - 2013-08-30 19:53 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2013-08-27 21:06 - 2013-08-27 21:06 - 00233652 _____ C:\Windows\system32\ativvaxy_cik.dat
2013-08-27 19:27 - 2013-08-27 19:27 - 00082336 _____ C:\Windows\system32\ativce02.dat
2013-08-27 14:08 - 2013-09-24 15:34 - 00883928 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-08-27 14:08 - 2013-09-24 15:34 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2013-08-27 14:08 - 2013-09-24 15:34 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-08-26 11:58 - 2011-01-14 19:06 - 00000000 ____D C:\Program Files\Lx_cats

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\SpotifyUninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 12:56

==================== End Of Log ============================
         

25.09.2013, 18:22   #4
schrauber
/// the machine
/// TB trainer
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
