Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Conduit.com entfernt. Noch was übrig geblieben in meinem System?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.01.2014, 09:43   #1
Sipahi_72
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Guten Tag Forum,

durch eine Sekunde der Unachtsamkeit hatte ich den "Browser-Hijacker" Conduit.com mit einem Freeware Partitionierungsprogramm mit installiert. Nach Recherche im Internet konnte ich mit Mühe und not es entfernen.

Hierzu habe ich das Programm deinstalliert, den Rechner neu gestartet
regedit.exe ausgeführt und
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main->Start Page EIntrag in mein Wunsch Suchmaschine geändert, so dass momentan alles in Ordnung zu sein scheint.

Nichts desto trotz wurde es mir während dieser Aktion klar, wie viel Müll und/oder Schadsoftware im Internet gibt und wollte wissen ob mein Rechner auch mit anderen Plagegeistern infiziert sein könnte. Dieser Überlegung folgend habe ich mich im Internet nach Foren umgeschaut, die auf dieses Thema spezialisiert sind und bin hier fündig geworden. Ich habe auch das Tool OTL Scan gefunden und mein System wie beschrieben gescant. AUch wenn momentan keine Symptome zu merken sind, kann jmd mir sagen ob nach scan LOGs in meinem System irgendwelche Schadsoftware eingenistet sind?

Ich danke für vorab für sachkundige Hilfe.

P.s.: OTL kann ich nicht anhängen. ANgeblich sei die Datei mit 121 kb größer als erlaubt. Soll ich es unter per copy paste einfügen?

Edit: @admin bitte in Logfile Analyse Forum verschieben. Ich habe es erst gerade entdeckt

Code:
ATTFilter
OTL logfile created on: 06.01.2014 00:23:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxxxxx\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,93 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 59,78% Memory free
7,85 Gb Paging File | 5,64 Gb Available in Paging File | 71,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 23,98 Gb Free Space | 20,60% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 90,54 Gb Free Space | 27,45% Space Free | Partition Type: NTFS
 
Computer Name: **** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\****\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH)
PRC - C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe (Conduit)
PRC - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe (Conduit)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (asus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (CltMngSvc) -- C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe (Conduit)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (AsDsm) -- C:\Windows\SysNative\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (JME) -- C:\Windows\SysNative\drivers\JME.sys (JMicron Technology Corp.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP6D543F0F-E309-441F-BEFC-FDC1776A2045&SSPV=
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = hxxp://search.conduit.com/Results.aspx?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6D543F0F-E309-441F-BEFC-FDC1776A2045&q={searchTerms}&SSPV=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.2.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.2.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B1FC07E1-E05B-4567-8891-E63FBE545BA8}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.11.06 15:55:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2013.12.16 16:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe File not found
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4:64bit: - HKLM..\RunOnce: [ETDUnst] C:\Windows\ETDUninst.dll (ELAN Microelectronic Corp.)
O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.173.194.69 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59C91FBD-F3F7-4463-BEB9-AF7C77D454B8}: DhcpNameServer = 81.173.194.69 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B104374-3E18-4ED5-8021-A7C45896D0B3}: DhcpNameServer = 13.5.0.10
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{949cd73f-60c1-11e3-9253-20cf30c5be6c}\Shell - "" = AutoRun
O33 - MountPoints2\{949cd73f-60c1-11e3-9253-20cf30c5be6c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.01.06 00:22:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2014.01.05 22:14:10 | 000,249,736 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Windows\ETDUninst.dll
[2014.01.03 20:42:50 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\TuneUp Software
[2014.01.03 20:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2014.01.03 20:42:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014.01.03 20:42:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014.01.03 20:39:49 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\OpenCandy
[2014.01.03 20:39:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2014.01.03 20:36:13 | 021,832,632 | ---- | C] (EaseUS                                                      ) -- C:\Users\****\Desktop\epm.exe
[2013.12.25 18:53:39 | 001,189,560 | ---- | C] (AMD Inc.) -- C:\Users\****\Desktop\catalyst_mobility_64-bit_util.exe
[2013.12.16 20:44:52 | 000,000,000 | ---D | C] -- C:\Windows\solcache
[2013.12.16 20:43:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra On-Line
[2013.12.16 18:27:53 | 000,000,000 | ---D | C] -- C:\Sierra
[2013.12.16 16:52:23 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Thunderbird
[2013.12.16 16:52:23 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Thunderbird
[2013.12.16 16:52:23 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Mozilla
[2013.12.16 16:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.12.16 16:52:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.12.16 16:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.12.13 22:15:11 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\ImgBurn
[2013.12.13 22:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013.12.13 22:10:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2013.12.12 00:25:20 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\TeamViewer
[2013.12.12 00:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.12.12 00:03:23 | 006,052,208 | ---- | C] (TeamViewer GmbH) -- C:\Users\****\Desktop\TeamViewer_Setup_de-ckc.exe
[2013.12.11 22:03:48 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\ASUS
[2013.12.11 22:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2013.12.11 22:03:39 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\ASUS
[2013.12.11 21:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS WebStorage
[2013.12.11 21:25:32 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013.12.11 21:25:31 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013.12.11 21:25:31 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013.12.11 21:25:30 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013.12.11 21:23:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013.12.11 21:23:36 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.12.11 21:23:36 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.12.11 21:23:36 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.12.11 21:23:36 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.12.11 21:23:36 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013.12.11 21:23:36 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.12.11 21:23:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013.12.11 21:23:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.12.11 21:23:35 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.12.11 21:23:35 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013.12.11 21:23:35 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013.12.11 21:23:34 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.12.11 21:23:33 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.12.11 21:23:33 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.12.11 21:23:30 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.12.11 15:23:08 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.12.11 15:23:08 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.12.11 15:23:07 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013.12.11 15:23:07 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013.12.11 15:23:07 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013.12.11 15:23:01 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013.12.11 15:23:01 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013.12.11 15:23:01 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013.12.11 15:23:01 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013.12.11 15:23:01 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013.12.11 15:23:01 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013.12.11 15:23:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013.12.11 15:23:01 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013.12.10 15:49:35 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\openvr
[2013.12.10 14:36:50 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\SKIDROW
[2013.12.10 14:19:53 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.12.10 14:19:53 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.12.10 14:19:53 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.12.10 14:19:53 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.12.10 14:19:52 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.12.10 14:19:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.12.10 14:19:52 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.12.10 14:19:52 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.12.10 14:19:52 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.12.10 14:19:52 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.12.10 14:19:52 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.12.10 14:19:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.12.10 14:19:51 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.12.10 14:19:51 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.12.10 14:19:50 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.12.10 14:19:50 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.12.10 14:19:50 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.12.10 14:19:50 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.12.10 14:19:50 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.12.10 14:19:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.12.10 14:19:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.12.10 14:19:49 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.12.10 14:19:49 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.12.10 14:19:49 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.12.10 14:19:48 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.12.10 14:19:48 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.12.10 14:19:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.12.10 14:19:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.12.10 14:19:47 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.12.10 14:19:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.12.10 14:19:47 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.12.10 14:19:47 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013.12.10 14:19:46 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013.12.10 14:19:46 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013.12.10 14:19:46 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013.12.10 14:19:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013.12.10 14:19:46 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.12.10 14:19:46 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.12.10 14:19:45 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.12.10 14:19:45 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013.12.10 14:19:45 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.12.10 14:19:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013.12.10 14:19:44 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.12.10 14:19:44 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.12.10 14:19:40 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.12.10 14:19:40 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.12.10 14:19:40 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013.12.10 14:19:40 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.12.10 14:19:40 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.12.10 14:19:40 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.12.10 14:19:40 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.12.10 14:19:40 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.12.10 14:19:39 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.12.10 14:19:39 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.12.10 14:19:39 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.12.10 14:19:39 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.12.10 14:19:38 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.12.10 14:19:38 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.12.10 14:19:38 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.12.10 14:19:38 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013.12.10 14:19:38 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.12.10 14:19:38 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013.12.10 14:19:36 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013.12.10 14:19:36 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.12.10 14:19:36 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.12.10 14:19:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013.12.10 14:19:34 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.12.10 14:19:34 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.12.10 14:19:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.12.10 14:19:34 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.12.10 14:19:34 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.12.10 14:19:34 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.12.10 14:19:33 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.12.10 14:19:33 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.12.10 14:19:33 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.12.10 14:19:33 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.12.10 14:19:33 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.12.10 14:19:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.12.10 14:19:31 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.12.10 14:19:31 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.12.10 14:19:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.12.10 14:19:31 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.12.10 14:19:31 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.12.10 14:19:31 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.12.10 14:19:30 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.12.10 14:19:30 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.12.10 14:19:30 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.12.10 14:19:30 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.12.10 14:19:30 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.12.10 14:19:30 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.12.10 14:19:30 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.12.10 14:19:30 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.12.10 14:19:29 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.12.10 14:19:29 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.12.10 14:19:28 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.12.10 14:19:28 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.12.10 14:19:28 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.12.10 14:19:28 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.12.10 14:19:27 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.12.10 14:19:27 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.12.10 14:19:27 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.12.10 14:19:27 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.12.10 14:19:26 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.12.10 14:19:26 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.12.10 14:19:24 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.12.10 14:19:24 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.12.10 14:19:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.12.10 14:19:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.12.10 14:19:24 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.12.10 14:19:24 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.12.10 14:19:22 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.12.10 14:19:22 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.12.10 14:19:21 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.12.10 14:19:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.12.10 14:19:20 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.12.10 14:19:20 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.12.10 14:19:20 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.12.10 14:19:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.12.10 14:19:19 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.12.10 14:19:19 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.12.10 14:19:18 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.12.10 14:19:18 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.12.10 14:19:18 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.12.10 14:19:18 | 000,018,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_2.dll
[2013.12.10 14:19:17 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.12.10 14:19:17 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.12.10 14:19:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.12.10 14:19:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.12.10 14:19:16 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.12.10 14:19:16 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.12.10 14:19:16 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.12.10 14:19:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.12.10 14:19:15 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.12.10 14:19:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.12.10 14:19:15 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.12.10 14:19:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.12.10 14:19:15 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.12.10 14:19:15 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.12.10 14:19:14 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.12.10 14:19:14 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.12.10 14:19:13 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.12.10 14:19:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.12.10 14:19:12 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.12.10 14:19:12 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.12.10 14:19:12 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.12.10 14:19:12 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.12.10 14:19:11 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.12.10 14:19:11 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.12.10 14:19:11 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.12.10 14:19:11 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.12.10 14:19:10 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.12.10 14:19:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.12.10 14:19:10 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.12.10 14:19:10 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.12.10 14:19:09 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.12.10 14:19:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.12.10 14:19:08 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.12.10 14:19:08 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.12.10 14:19:08 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.12.10 14:19:08 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.12.10 14:19:07 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.12.10 14:19:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.12.10 14:19:05 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.12.10 14:19:05 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.12.10 14:19:03 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.12.10 14:19:03 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.12.10 14:19:03 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.12.10 14:19:03 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.12.10 14:19:02 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.12.10 14:19:02 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.12.10 14:19:02 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.12.10 14:19:02 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.12.10 14:19:02 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.12.10 14:19:02 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.12.10 14:19:01 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.12.10 14:19:01 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.12.10 14:19:01 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.12.10 14:19:01 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.12.10 14:19:00 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.12.10 14:19:00 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.12.10 14:14:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.12.10 14:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2013.12.10 13:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2013.12.10 12:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2013.12.10 12:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2013.12.08 22:51:59 | 000,000,000 | ---D | C] -- C:\AMD
[2013.12.08 21:14:34 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013.12.08 19:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.12.08 19:54:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013.12.08 19:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
 
========== Files - Modified Within 30 Days ==========
 
[2014.01.06 00:22:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2014.01.06 00:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.05 22:50:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.05 22:18:35 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.05 22:18:35 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.05 22:13:40 | 001,618,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.05 22:13:40 | 000,699,034 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.01.05 22:13:40 | 000,653,832 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.05 22:13:40 | 000,149,142 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.01.05 22:13:40 | 000,121,704 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.05 22:09:23 | 3161,858,048 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.03 20:55:11 | 000,003,225 | -H-- | M] () -- C:\Windows\EPMBatch.ept
[2014.01.03 20:39:04 | 021,832,632 | ---- | M] (EaseUS                                                      ) -- C:\Users\****\Desktop\epm.exe
[2013.12.25 18:53:57 | 001,189,560 | ---- | M] (AMD Inc.) -- C:\Users\****\Desktop\catalyst_mobility_64-bit_util.exe
[2013.12.25 16:10:12 | 000,000,219 | ---- | M] () -- C:\Users\****\Desktop\Counter-Strike Source.url
[2013.12.24 01:03:26 | 000,035,021 | ---- | M] () -- C:\Users\****\Desktop\540094_555432364547411_1081810519_n.jpg
[2013.12.22 23:30:57 | 000,000,218 | ---- | M] () -- C:\Users\****\Desktop\Counter-Strike.url
[2013.12.18 16:13:20 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2013.12.16 16:52:03 | 000,002,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.12.13 22:10:59 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013.12.13 11:21:07 | 000,366,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.12.12 10:39:39 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.12.12 10:39:39 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.12.12 10:39:39 | 000,084,720 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.12.12 00:15:59 | 006,052,208 | ---- | M] (TeamViewer GmbH) -- C:\Users\****\Desktop\TeamViewer_Setup_de-ckc.exe
[2013.12.11 22:02:56 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2013.12.11 21:41:58 | 000,001,236 | ---- | M] () -- C:\Users\Public\Desktop\ASUS WebStorage.lnk
[2013.12.10 21:12:26 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.12.10 21:12:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.12.10 14:09:56 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II.lnk
[2013.12.10 14:09:56 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II Zombie Mode.lnk
[2013.12.10 14:09:56 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II Multiplayer.lnk
[2013.12.10 12:32:14 | 000,001,252 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2013.12.08 21:14:34 | 000,000,219 | ---- | M] () -- C:\Users\****\Desktop\Team Fortress 2.url
[2013.12.08 19:54:55 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
 
========== Files Created - No Company Name ==========
 
[2014.01.03 20:54:11 | 000,003,225 | -H-- | C] () -- C:\Windows\EPMBatch.ept
[2013.12.25 16:10:12 | 000,000,219 | ---- | C] () -- C:\Users\****\Desktop\Counter-Strike Source.url
[2013.12.24 01:03:46 | 000,035,021 | ---- | C] () -- C:\Users\****\Desktop\540094_555432364547411_1081810519_n.jpg
[2013.12.22 23:30:57 | 000,000,218 | ---- | C] () -- C:\Users\****\Desktop\Counter-Strike.url
[2013.12.16 16:52:03 | 000,002,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013.12.16 16:52:03 | 000,002,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.12.13 22:10:59 | 000,001,879 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2013.12.13 22:10:59 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013.12.12 00:16:21 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2013.12.12 00:16:21 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2013.12.11 21:41:58 | 000,001,236 | ---- | C] () -- C:\Users\Public\Desktop\ASUS WebStorage.lnk
[2013.12.10 14:09:56 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II.lnk
[2013.12.10 14:09:56 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II Zombie Mode.lnk
[2013.12.10 14:09:56 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II Multiplayer.lnk
[2013.12.10 12:32:14 | 000,001,252 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2013.12.08 21:14:34 | 000,000,219 | ---- | C] () -- C:\Users\****\Desktop\Team Fortress 2.url
[2013.12.08 19:54:55 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.11.27 01:51:34 | 001,592,784 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.11.13 15:28:06 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ2414N.DAT
[2013.11.03 22:30:04 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2013.11.13 23:43:21 | 104,165,720 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\踑赔•
[2013.11.13 17:35:18 | 104,165,720 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\踑赔•
[2013.11.04 20:33:28 | 104,964,650 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\赔’
[2013.11.04 20:33:28 | 104,964,650 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\赔’

< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 06.01.2014 00:23:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tayfun\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,93 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 59,78% Memory free
7,85 Gb Paging File | 5,64 Gb Available in Paging File | 71,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 23,98 Gb Free Space | 20,60% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 90,54 Gb Free Space | 27,45% Space Free | Partition Type: NTFS
 
Computer Name: **** | User Name: Tayfun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{38FFB4E5-88C1-4247-95A9-D6D88DBB3F15}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6974C435-4D16-42D5-BBEA-900499EA39B0}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | 
"{8B845B0F-386E-4635-BBD3-31D3FB69192D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{D72BB968-329B-4EE2-A2A7-00A2BBB11FD2}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01119767-A000-46F8-ABF8-D136FC6E69FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe | 
"{03580102-0BC2-4CA9-A8C8-F183226738D7}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty black ops ii\t6sp.exe | 
"{054D6AA5-8668-4302-B12A-C034603A96E9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{0CCC4BCC-CE08-4C18-A8D9-0D18DE1DAB2F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{0E513E1E-8CDE-430B-87CE-3FA4FD323706}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{1BF2C352-929E-4B14-8538-2BEA7A8972FA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{1DC3282F-0C09-4A46-B269-44F2B55E6023}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{22F0473D-D1B3-4430-83F7-558C25A6B452}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{231F8B6F-4339-44AB-B862-BFC26C3D63DF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{2D56CA39-DD8D-4694-ACA5-E6DFEDFC22BF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{3AD7C6DE-A726-495E-9050-C0C0391A6CE5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{3C6051AB-C214-45A6-B95A-6498C36C3A79}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{44E7A1F6-C45B-4161-ACD7-7C0E98F9B35D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe | 
"{5A2D7D97-68CB-4C21-A936-F6D471C4BA86}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{5FE7780E-7691-4BAC-A917-913E2C91E75D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{63517B24-D895-46FF-9BAD-8D80D2826FAD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{65027869-84AA-4BFC-BB17-1BF3BF29DFEE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{70C6E4A3-15AA-4E98-A7FE-2E21557484E2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{7ACE87F0-66D9-48C0-93EE-DE67C3C31837}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | 
"{8388E1CB-9F6B-460D-9643-C53872A96179}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | 
"{8A4A91A5-D616-4D1E-B982-DEC103034285}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{9B67084D-DDD5-474D-91EC-9F95EDB14040}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | 
"{A0C7D731-04C0-4CC3-B611-1A6E13DC50AA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | 
"{BE8114D4-D8B7-4F4F-B68B-6A5DE96E74FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{C2BF00D9-8EC4-493D-8FD7-976F3AE5ADC5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{C97EA9C5-293C-47F9-A6FC-4700D5B6E5B4}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty black ops ii\t6sp.exe | 
"{E7CEB118-999F-458C-ADE7-48410B36D608}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{FDC64321-1528-4439-BC02-44229EF86D26}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"TCP Query User{6AAAE67B-5EB4-4ACA-931B-C9128A0A1ECA}C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty black ops ii\t6sp.exe | 
"TCP Query User{99025F7C-B0FE-413B-A3E7-B77894B55CC0}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{79DC43F4-5B51-40AD-8E80-6F4B085A53B4}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{E99501FB-727F-4649-97DA-90616330489D}C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty black ops ii\t6sp.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414" = CanoScan LiDE 110 Scanner Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq9601" = CanoScan LiDE 700F Scanner Driver
"{2E414A76-E6A7-3504-4235-29EAB3FE1F7A}" = ATI AVIVO64 Codecs
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{72EF03F5-0507-4861-9A44-D99FD4C41418}" = Paint.NET v3.5.11
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96CCD84C-3F80-C618-6202-568608213C7E}" = ccc-utility64
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{FDB61EAE-7C1D-7EB6-E1EE-14528E3EB266}" = ATI Catalyst Install Manager
"CNXT_AUDIO_HDA" = Conexant HD Audio
"GPL Ghostscript 9.10" = GPL Ghostscript
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"USB2.0 UVC VGA WebCam" = USB2.0 UVC VGA WebCam
"VLC media player" = VLC media player 2.1.0
"WinRAR archiver" = WinRAR 5.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{011162D5-6853-9D60-2BD4-1F3D01966A59}" = CCC Help English
"{05CF7905-AD18-769E-7717-1DC8AF388BEA}" = CCC Help Hungarian
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1382CAD9-2A6A-F826-96DF-27CC6CC7B3B0}" = CCC Help Czech
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F4C4124-6D6C-4282-63B8-F9468E4404BC}" = Catalyst Control Center InstallProxy
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{28452235-8D43-464B-EDB2-18DA5542722D}" = CCC Help Portuguese
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3BD37E91-C31A-CB8A-C48C-21CE58723AEF}" = CCC Help Polish
"{47A1A0D5-37DE-7A02-F411-8DFBA338CCC2}" = CCC Help Swedish
"{47B4F3BD-1FCB-914B-397A-7220136A175F}" = CCC Help Japanese
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4D38B420-FDA9-282A-DBBA-3E8E9158A5F4}" = Catalyst Control Center Localization All
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{597535B3-348A-8FBF-1C39-C21E634C1E8A}" = CCC Help Norwegian
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69A7B958-4617-9924-F32B-7C1FF3C7EE6C}" = Catalyst Control Center Graphics Previews Common
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{73AA1842-2960-328C-E51E-CEC0B23950C2}" = Catalyst Control Center Graphics Previews Vista
"{75CE15F1-3508-D4AA-6EB4-AB9D55FAD076}" = CCC Help Russian
"{76246D4D-C095-5B94-9EFA-0F6DFF804BB1}" = CCC Help Greek
"{77CC4640-98F0-603A-2CDB-A981F09FED6D}" = CCC Help French
"{7D1C43EB-EAE9-5D8C-FEF4-E00AF6B9500F}" = CCC Help Finnish
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81BEA2F5-4F9B-4AF5-A9B2-3210F71931D3}" = Catalyst Control Center - Branding
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{886EA01E-D4B4-D2E1-CEA2-213E9C06DFF5}" = CCC Help Spanish
"{88799CBD-90A6-67FB-310E-79CAB1479F0F}" = CCC Help Chinese Traditional
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8847D7-DF68-2325-250A-96BE101FCF69}" = CCC Help Italian
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A88E1685-1986-4A86-8E88-5FE1E727D026}" = RealDownloader
"{AA8F54E5-393C-B09B-B641-7CE1D1E1933F}" = CCC Help Dutch
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.5 MUI
"{B8174E5B-B515-3423-1273-4B4B6B483C4B}" = CCC Help Chinese Standard
"{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}" = syncables desktop SE
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1234B72-5EAF-807C-46E8-59A1C9FEF6CA}" = CCC Help Turkish
"{D5CCDB0C-00B7-3A4F-3877-6C57920F05D8}" = CCC Help Korean
"{DA8D3A2D-5FD5-82D1-C9A8-801079EE0FD0}" = CCC Help Thai
"{DAB623DC-33F2-E22E-7B24-2270E8AB1EB3}" = ccc-core-static
"{DDA92568-FE0E-E2F4-35A5-7CD99ADACF26}" = CCC Help Danish
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC6A04DE-135E-AC5C-AA19-8E350AA5B6D4}" = CCC Help German
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS WebStorage" = ASUS WebStorage
"Avira AntiVir Desktop" = Avira Antivirus Premium
"Call of Duty Black Ops II_is1" = Call of Duty Black Ops II
"DivX Setup" = DivX-Setup
"FreePDF_XP" = FreePDF (Remove only)
"ImgBurn" = ImgBurn
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"Mozilla Thunderbird 24.2.0 (x86 de)" = Mozilla Thunderbird 24.2.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Steam" = Steam
"Steam App 10" = Counter-Strike
"Steam App 240" = Counter-Strike: Source
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"TeamViewer 9" = TeamViewer 9
"VirtualCloneDrive" = VirtualCloneDrive
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 19.12.2013 03:49:32 | Computer Name = **** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe".
Die
 abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 19.12.2013 12:28:53 | Computer Name = **** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: recordingmanager.exe, Version: 1.2.0.144,
 Zeitstempel: 0x502417c6  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247,
 Zeitstempel: 0x521ea8e7  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000ce753  ID des fehlerhaften
 Prozesses: 0x13e4  Startzeit der fehlerhaften Anwendung: 0x01cefbf850471776  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: a606af1a-68ca-11e3-a693-20cf30c5be6c
 
Error - 20.12.2013 15:14:44 | Computer Name = **** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 20.12.2013 15:15:46 | Computer Name = **** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe".
Die
 abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 20.12.2013 18:31:06 | Computer Name = **** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 20.12.2013 18:31:43 | Computer Name = **** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe".
Die
 abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 20.12.2013 19:47:42 | Computer Name = **** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 20.12.2013 19:48:40 | Computer Name = **** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe".
Die
 abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 22.12.2013 06:55:31 | Computer Name = **** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 22.12.2013 06:56:37 | Computer Name = **** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe".
Die
 abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 02.12.2013 10:23:49 | Computer Name = **** | Source = ACPI | ID = 327690
Description = ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich
 (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 02.12.2013 10:23:49 | Computer Name = **** | Source = ACPI | ID = 327690
Description = ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich
 (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 02.12.2013 11:16:25 | Computer Name = **** | Source = ACPI | ID = 327690
Description = ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich
 (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 02.12.2013 11:16:25 | Computer Name = **** | Source = ACPI | ID = 327690
Description = ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich
 (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 02.12.2013 11:57:14 | Computer Name = **** | Source = ACPI | ID = 327690
Description = ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich
 (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 02.12.2013 11:57:14 | Computer Name = **** | Source = ACPI | ID = 327690
Description = ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich
 (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 02.12.2013 12:14:36 | Computer Name = **** | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
 lautet: 252.
 
Error - 02.12.2013 12:14:36 | Computer Name = **** | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
 lautet: 252.
 
Error - 08.12.2013 14:58:06 | Computer Name = **** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 08.12.2013 14:58:06 | Computer Name = **** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
 
< End of report >
         

Alt 06.01.2014, 20:23   #2
aharonov
/// TB-Ausbilder
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Hallo,

mach bitte einen FRST-Scan:


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 07.01.2014, 18:53   #3
Sipahi_72
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by *** (administrator) on C__TER on 07-01-2014 19:29:19
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(ASUS) C:\Windows\AsScrPro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSMTray] - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3054136 2010-11-17] (ASUS)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
MountPoints2: {949cd73f-60c1-11e3-9253-20cf30c5be6c} - F:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 81.173.194.69 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\h9l041ci.default
FF Homepage: www.google.de
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.2.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.2.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{B1FC07E1-E05B-4567-8891-E63FBE545BA8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896056 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-08-09] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [9160 2013-03-07] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-07 19:29 - 2014-01-07 19:29 - 00013779 _____ C:\Users\***\Desktop\FRST.txt
2014-01-07 19:29 - 2014-01-07 19:29 - 00000000 ____D C:\FRST
2014-01-07 19:26 - 2014-01-07 19:27 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2014-01-07 19:26 - 2014-01-07 19:26 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-07 19:26 - 2014-01-07 19:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 19:23 - 2014-01-07 19:23 - 00283096 _____ (Mozilla) C:\Users\***\Desktop\Firefox Setup Stub 26.0.exe
2014-01-07 19:21 - 2014-01-07 19:28 - 01931762 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2014-01-07 19:21 - 2014-01-07 19:22 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2014-01-07 19:21 - 2014-01-07 19:21 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-07 19:21 - 2014-01-07 19:21 - 00000000 ____D C:\Users\***\AppData\Local\Apple Computer
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Users\***\AppData\Local\Apple
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\ProgramData\Apple Computer
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Program Files\iTunes
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Program Files\iPod
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2014-01-07 19:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-01-07 19:19 - 2014-01-07 19:20 - 00000000 ____D C:\ProgramData\Apple
2014-01-07 19:19 - 2014-01-07 19:19 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-07 19:19 - 2014-01-07 19:19 - 00000000 ____D C:\Program Files\Bonjour
2014-01-07 19:19 - 2014-01-07 19:19 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-07 03:56 - 2014-01-07 03:56 - 00001393 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.3.0.lnk
2014-01-07 03:56 - 2013-10-09 15:34 - 03381832 _____ C:\Windows\system32\BootMan.exe
2014-01-07 03:56 - 2013-10-09 15:24 - 02499656 _____ C:\Windows\SysWOW64\BootMan.exe
2014-01-07 03:56 - 2013-03-07 09:49 - 00100936 _____ C:\Windows\system32\setupempdrvx64.exe
2014-01-07 03:56 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2014-01-07 03:56 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2014-01-07 03:56 - 2013-03-07 09:49 - 00017480 _____ C:\Windows\system32\epmntdrv.sys
2014-01-07 03:56 - 2013-03-07 09:49 - 00016256 _____ C:\Windows\system32\EuEpmGdi.dll
2014-01-07 03:56 - 2013-03-07 09:49 - 00013896 _____ C:\Windows\SysWOW64\epmntdrv.sys
2014-01-07 03:56 - 2013-03-07 09:49 - 00009800 _____ C:\Windows\system32\EuGdiDrv.sys
2014-01-07 03:56 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2014-01-06 19:16 - 2014-01-06 19:16 - 01544704 _____ C:\Windows\isRS-000.tmp
2014-01-06 01:34 - 2014-01-06 01:34 - 00000871 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-01-06 01:34 - 2014-01-06 01:34 - 00000000 ____D C:\Program Files\CPUID
2014-01-06 01:33 - 2014-01-06 01:33 - 01460512 _____ (                                                            ) C:\Users\***\Downloads\cpu-z_1.67-setup-en.exe
2014-01-06 00:44 - 2014-01-06 11:00 - 00057912 _____ C:\Users\***\Desktop\Extras.Txt
2014-01-06 00:42 - 2014-01-06 11:01 - 00124362 _____ C:\Users\***\Desktop\OTL.Txt
2014-01-06 00:22 - 2014-01-06 00:22 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2014-01-05 23:05 - 2014-01-05 23:05 - 00004755 _____ C:\Users\***\Downloads\eicfg_removal_utility.zip
2014-01-05 22:14 - 2010-02-03 07:03 - 00249736 _____ (ELAN Microelectronic Corp.) C:\Windows\ETDUninst.dll
2014-01-03 20:54 - 2014-01-07 04:01 - 00001778 ____H C:\Windows\EPMBatch.ept
2014-01-03 20:42 - 2014-01-03 20:43 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-03 20:42 - 2014-01-03 20:42 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-03 20:42 - 2014-01-03 20:42 - 00000000 ____D C:\Users\***\AppData\Roaming\TuneUp Software
2014-01-03 20:39 - 2014-01-03 20:39 - 00000000 ____D C:\Users\***\AppData\Roaming\OpenCandy
2014-01-03 20:39 - 2014-01-03 20:39 - 00000000 ____D C:\Program Files (x86)\EaseUS
2013-12-25 18:53 - 2013-12-25 18:53 - 01189560 _____ (AMD Inc.) C:\Users\***\Desktop\catalyst_mobility_64-bit_util.exe
2013-12-25 16:10 - 2013-12-25 16:10 - 00000219 _____ C:\Users\***\Desktop\Counter-Strike Source.url
2013-12-22 23:30 - 2013-12-22 23:30 - 00000218 _____ C:\Users\***\Desktop\Counter-Strike.url
2013-12-16 20:44 - 2013-12-16 20:44 - 00000000 ____D C:\Windows\solcache
2013-12-16 20:43 - 2013-12-16 20:43 - 00000000 ____D C:\Program Files (x86)\Sierra On-Line
2013-12-16 18:27 - 2013-12-16 20:54 - 00000000 ____D C:\Sierra
2013-12-16 16:52 - 2014-01-07 19:26 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-12-16 16:52 - 2014-01-07 19:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-16 16:52 - 2013-12-16 16:52 - 00002088 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-12-16 16:52 - 2013-12-16 16:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Thunderbird
2013-12-16 16:52 - 2013-12-16 16:52 - 00000000 ____D C:\Users\***\AppData\Local\Thunderbird
2013-12-16 16:52 - 2013-12-16 16:52 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-16 16:52 - 2013-12-16 16:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-16 16:49 - 2013-12-16 16:51 - 21981704 _____ (Mozilla) C:\Users\***\Downloads\Thunderbird Setup 24.2.0.exe
2013-12-13 22:15 - 2013-12-13 22:15 - 00000000 ____D C:\Users\***\AppData\Roaming\ImgBurn
2013-12-13 22:10 - 2013-12-13 22:10 - 00001867 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2013-12-13 22:10 - 2013-12-13 22:10 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-12-13 11:21 - 2014-01-07 14:01 - 00004269 _____ C:\Windows\setupact.log
2013-12-13 11:21 - 2013-12-13 11:21 - 00000000 _____ C:\Windows\setuperr.log
2013-12-12 00:25 - 2013-12-12 00:29 - 00000000 ____D C:\Users\***\AppData\Roaming\TeamViewer
2013-12-12 00:16 - 2013-12-18 16:13 - 00001092 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-12 00:16 - 2013-12-12 00:16 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-12 00:03 - 2013-12-12 00:15 - 06052208 _____ (TeamViewer GmbH) C:\Users\***\Desktop\TeamViewer_Setup_de-ckc.exe
2013-12-11 22:03 - 2013-12-11 22:03 - 00000000 ____D C:\Users\***\Documents\ASUS
2013-12-11 22:03 - 2013-12-11 22:03 - 00000000 ____D C:\Users\***\AppData\Local\ASUS
2013-12-11 22:03 - 2013-12-11 22:03 - 00000000 ____D C:\ProgramData\ASUS
2013-12-11 21:41 - 2013-12-11 21:41 - 00001236 _____ C:\Users\Public\Desktop\ASUS WebStorage.lnk
2013-12-11 21:41 - 2013-12-11 21:41 - 00000000 ____D C:\ProgramData\ASUS WebStorage
2013-12-11 21:25 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 21:25 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 21:25 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 21:25 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 21:23 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 21:23 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 21:23 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 21:23 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 21:23 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 21:23 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 21:23 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 21:23 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 21:23 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 21:23 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 21:23 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 21:23 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 21:23 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 21:23 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 21:23 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 21:23 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 21:23 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 21:23 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 21:23 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 21:23 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 21:23 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 21:23 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 21:23 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 21:23 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 21:23 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 21:23 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 21:23 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 21:23 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 21:23 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 21:23 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 21:23 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 15:23 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 15:23 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 15:23 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 15:23 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 15:23 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 15:23 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 15:23 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 15:23 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 15:23 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 15:23 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 15:23 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 15:23 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 15:23 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 15:23 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 15:23 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 15:23 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 15:23 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 15:23 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 15:23 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 15:49 - 2013-12-10 15:49 - 00000000 ____D C:\Users\***\AppData\Roaming\openvr
2013-12-10 14:36 - 2013-12-10 14:36 - 00000000 ____D C:\Users\***\AppData\Local\SKIDROW
2013-12-10 14:19 - 2010-06-02 03:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-12-10 14:19 - 2010-06-02 03:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-12-10 14:19 - 2010-06-02 03:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-12-10 14:19 - 2010-06-02 03:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-12-10 14:19 - 2010-06-02 03:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-12-10 14:19 - 2010-06-02 03:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-12-10 14:19 - 2010-05-26 10:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-12-10 14:19 - 2010-02-04 09:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-12-10 14:19 - 2010-02-04 09:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-12-10 14:19 - 2010-02-04 09:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-12-10 14:19 - 2010-02-04 09:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-12-10 14:19 - 2010-02-04 09:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-12-10 14:19 - 2010-02-04 09:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-12-10 14:19 - 2010-02-04 09:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-12-10 14:19 - 2010-02-04 09:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-12-10 14:19 - 2009-09-04 16:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-12-10 14:19 - 2009-09-04 16:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-12-10 14:19 - 2009-09-04 16:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-12-10 14:19 - 2009-09-04 16:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-12-10 14:19 - 2009-09-04 16:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-12-10 14:19 - 2009-09-04 16:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-12-10 14:19 - 2009-09-04 16:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-12-10 14:19 - 2009-03-16 13:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-12-10 14:19 - 2009-03-16 13:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-12-10 14:19 - 2009-03-16 13:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-12-10 14:19 - 2009-03-16 13:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-12-10 14:19 - 2009-03-16 13:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-12-10 14:19 - 2009-03-16 13:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-12-10 14:19 - 2009-03-09 14:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-12-10 14:19 - 2009-03-09 14:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-12-10 14:19 - 2009-03-09 14:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-12-10 14:19 - 2009-03-09 14:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-12-10 14:19 - 2009-03-09 14:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-12-10 14:19 - 2009-03-09 14:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-12-10 14:19 - 2008-10-27 09:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-12-10 14:19 - 2008-10-27 09:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-12-10 14:19 - 2008-10-27 09:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-12-10 14:19 - 2008-10-27 09:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-12-10 14:19 - 2008-10-27 09:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-12-10 14:19 - 2008-10-27 09:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-12-10 14:19 - 2008-10-27 09:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-12-10 14:19 - 2008-10-27 09:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-12-10 14:19 - 2008-10-10 03:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-12-10 14:19 - 2008-10-10 03:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-12-10 14:19 - 2008-10-10 03:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-12-10 14:19 - 2008-10-10 03:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-12-10 14:19 - 2008-10-10 03:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-12-10 14:19 - 2008-10-10 03:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-12-10 14:19 - 2008-07-31 09:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-12-10 14:19 - 2008-07-31 09:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-12-10 14:19 - 2008-07-31 09:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-12-10 14:19 - 2008-07-31 09:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-12-10 14:19 - 2008-07-31 09:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-12-10 14:19 - 2008-07-31 09:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-12-10 14:19 - 2008-07-10 10:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-12-10 14:19 - 2008-07-10 10:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-12-10 14:19 - 2008-07-10 10:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-12-10 14:19 - 2008-07-10 10:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-12-10 14:19 - 2008-07-10 10:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-12-10 14:19 - 2008-07-10 10:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-12-10 14:19 - 2008-05-30 13:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-12-10 14:19 - 2008-05-30 13:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-12-10 14:19 - 2008-05-30 13:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-12-10 14:19 - 2008-05-30 13:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-12-10 14:19 - 2008-05-30 13:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-12-10 14:19 - 2008-05-30 13:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-12-10 14:19 - 2008-05-30 13:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-12-10 14:19 - 2008-05-30 13:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-12-10 14:19 - 2008-05-30 13:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-12-10 14:19 - 2008-05-30 13:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-12-10 14:19 - 2008-05-30 13:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-12-10 14:19 - 2008-05-30 13:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-12-10 14:19 - 2008-05-30 13:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-12-10 14:19 - 2008-05-30 13:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-12-10 14:19 - 2008-03-05 15:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-12-10 14:19 - 2008-03-05 15:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-12-10 14:19 - 2008-03-05 15:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-12-10 14:19 - 2008-03-05 15:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-12-10 14:19 - 2008-03-05 15:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-12-10 14:19 - 2008-03-05 15:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-12-10 14:19 - 2008-03-05 14:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-12-10 14:19 - 2008-03-05 14:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-12-10 14:19 - 2008-03-05 14:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-12-10 14:19 - 2008-03-05 14:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-12-10 14:19 - 2008-02-05 22:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-12-10 14:19 - 2008-02-05 22:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-12-10 14:19 - 2007-10-22 02:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-12-10 14:19 - 2007-10-22 02:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-12-10 14:19 - 2007-10-22 02:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-12-10 14:19 - 2007-10-12 14:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-12-10 14:19 - 2007-10-12 14:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-12-10 14:19 - 2007-10-12 14:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-12-10 14:19 - 2007-10-12 14:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-12-10 14:19 - 2007-10-02 08:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-12-10 14:19 - 2007-10-02 08:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-12-10 14:19 - 2007-07-19 23:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-12-10 14:19 - 2007-07-19 23:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-12-10 14:19 - 2007-07-19 23:54 - 00018280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_2.dll
2013-12-10 14:19 - 2007-07-19 17:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-12-10 14:19 - 2007-07-19 17:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-12-10 14:19 - 2007-07-19 17:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-12-10 14:19 - 2007-07-19 17:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-12-10 14:19 - 2007-07-19 17:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-12-10 14:19 - 2007-07-19 17:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-12-10 14:19 - 2007-06-20 19:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-12-10 14:19 - 2007-06-20 19:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-12-10 14:19 - 2007-05-16 15:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-12-10 14:19 - 2007-05-16 15:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-12-10 14:19 - 2007-05-16 15:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-12-10 14:19 - 2007-05-16 15:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-12-10 14:19 - 2007-05-16 15:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-12-10 14:19 - 2007-05-16 15:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-12-10 14:19 - 2007-04-04 17:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-12-10 14:19 - 2007-04-04 17:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-12-10 14:19 - 2007-04-04 17:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-12-10 14:19 - 2007-04-04 17:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-12-10 14:19 - 2007-03-15 15:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-12-10 14:19 - 2007-03-15 15:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-12-10 14:19 - 2007-03-12 15:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-12-10 14:19 - 2007-03-12 15:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-12-10 14:19 - 2007-03-12 15:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-12-10 14:19 - 2007-03-12 15:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-12-10 14:19 - 2007-03-05 11:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-12-10 14:19 - 2007-03-05 11:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-12-10 14:19 - 2007-01-24 14:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-12-10 14:19 - 2007-01-24 14:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-12-10 14:19 - 2006-12-08 11:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-12-10 14:19 - 2006-12-08 11:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-12-10 14:19 - 2006-11-29 12:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-12-10 14:19 - 2006-11-29 12:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-12-10 14:19 - 2006-09-28 15:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-12-10 14:19 - 2006-09-28 15:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-12-10 14:19 - 2006-09-28 15:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-12-10 14:19 - 2006-09-28 15:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-12-10 14:19 - 2006-07-28 08:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-12-10 14:19 - 2006-07-28 08:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-12-10 14:19 - 2006-07-28 08:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-12-10 14:19 - 2006-07-28 08:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-12-10 14:19 - 2006-05-31 06:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-12-10 14:19 - 2006-05-31 06:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-12-10 14:19 - 2006-03-31 11:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-12-10 14:19 - 2006-03-31 11:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-12-10 14:19 - 2006-03-31 11:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-12-10 14:19 - 2006-03-31 11:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-12-10 14:19 - 2006-03-31 11:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-12-10 14:19 - 2006-03-31 11:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-12-10 14:19 - 2006-02-03 07:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-12-10 14:19 - 2006-02-03 07:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-12-10 14:19 - 2006-02-03 07:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-12-10 14:19 - 2006-02-03 07:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-12-10 14:19 - 2006-02-03 07:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-12-10 14:19 - 2006-02-03 07:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-12-10 14:19 - 2005-12-05 17:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-12-10 14:19 - 2005-12-05 17:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-12-10 14:19 - 2005-07-22 18:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-12-10 14:19 - 2005-07-22 18:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-12-10 14:19 - 2005-05-26 14:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-12-10 14:19 - 2005-05-26 14:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-12-10 14:19 - 2005-03-18 16:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-12-10 14:19 - 2005-03-18 16:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-12-10 14:19 - 2005-02-05 18:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-12-10 14:19 - 2005-02-05 18:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-12-10 14:14 - 2013-12-10 14:19 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-12-10 14:09 - 2013-12-10 14:09 - 00002175 _____ C:\Users\Public\Desktop\Call of Duty Black Ops II.lnk
2013-12-10 14:09 - 2013-12-10 14:09 - 00002175 _____ C:\Users\Public\Desktop\Call of Duty Black Ops II Zombie Mode.lnk
2013-12-10 14:09 - 2013-12-10 14:09 - 00002175 _____ C:\Users\Public\Desktop\Call of Duty Black Ops II Multiplayer.lnk
2013-12-10 13:57 - 2013-12-10 13:57 - 00000000 ____D C:\Program Files (x86)\Activision
2013-12-10 12:32 - 2013-12-10 12:32 - 00001252 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-12-10 12:31 - 2013-12-10 12:31 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-09 13:25 - 2013-12-09 13:30 - 233311096 _____ (Lenovo Group Limited                                        ) C:\Users\***\Downloads\tvtrnr423_017gr.exe
2013-12-08 22:51 - 2013-12-08 22:51 - 00000000 ____D C:\AMD
2013-12-08 21:14 - 2013-12-26 17:38 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-08 21:14 - 2013-12-08 21:14 - 00000219 _____ C:\Users\***\Desktop\Team Fortress 2.url
2013-12-08 19:54 - 2014-01-04 13:12 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-08 19:54 - 2013-12-08 19:54 - 00000965 _____ C:\Users\Public\Desktop\Steam.lnk

==================== One Month Modified Files and Folders =======

2014-01-07 19:29 - 2014-01-07 19:29 - 00013779 _____ C:\Users\***\Desktop\FRST.txt
2014-01-07 19:29 - 2014-01-07 19:29 - 00000000 ____D C:\FRST
2014-01-07 19:28 - 2014-01-07 19:21 - 01931762 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2014-01-07 19:27 - 2014-01-07 19:26 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2014-01-07 19:26 - 2014-01-07 19:26 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-07 19:26 - 2014-01-07 19:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 19:26 - 2013-12-16 16:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2014-01-07 19:26 - 2013-12-16 16:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-07 19:23 - 2014-01-07 19:23 - 00283096 _____ (Mozilla) C:\Users\***\Desktop\Firefox Setup Stub 26.0.exe
2014-01-07 19:22 - 2014-01-07 19:21 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2014-01-07 19:21 - 2014-01-07 19:21 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-07 19:21 - 2014-01-07 19:21 - 00000000 ____D C:\Users\***\AppData\Local\Apple Computer
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Users\***\AppData\Local\Apple
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\ProgramData\Apple Computer
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Program Files\iTunes
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Program Files\iPod
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-07 19:20 - 2014-01-07 19:20 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2014-01-07 19:20 - 2014-01-07 19:19 - 00000000 ____D C:\ProgramData\Apple
2014-01-07 19:19 - 2014-01-07 19:19 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-07 19:19 - 2014-01-07 19:19 - 00000000 ____D C:\Program Files\Bonjour
2014-01-07 19:19 - 2014-01-07 19:19 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-07 19:12 - 2013-11-04 12:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-07 18:38 - 2013-11-04 20:48 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2014-01-07 17:48 - 2009-08-04 10:51 - 00699034 _____ C:\Windows\system32\perfh007.dat
2014-01-07 17:48 - 2009-08-04 10:51 - 00149142 _____ C:\Windows\system32\perfc007.dat
2014-01-07 17:48 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 16:20 - 2010-11-17 11:28 - 01673981 _____ C:\Windows\WindowsUpdate.log
2014-01-07 14:08 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-07 14:08 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-07 14:03 - 2010-11-17 12:08 - 00000000 ____D C:\Program Files\P4G
2014-01-07 14:01 - 2013-12-13 11:21 - 00004269 _____ C:\Windows\setupact.log
2014-01-07 14:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-07 04:01 - 2014-01-03 20:54 - 00001778 ____H C:\Windows\EPMBatch.ept
2014-01-07 03:56 - 2014-01-07 03:56 - 00001393 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.3.0.lnk
2014-01-07 03:46 - 2013-11-16 23:59 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-06 19:16 - 2014-01-06 19:16 - 01544704 _____ C:\Windows\isRS-000.tmp
2014-01-06 19:16 - 2013-11-16 23:59 - 00001951 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-06 11:01 - 2014-01-06 00:42 - 00124362 _____ C:\Users\***\Desktop\OTL.Txt
2014-01-06 11:00 - 2014-01-06 00:44 - 00057912 _____ C:\Users\***\Desktop\Extras.Txt
2014-01-06 01:34 - 2014-01-06 01:34 - 00000871 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-01-06 01:34 - 2014-01-06 01:34 - 00000000 ____D C:\Program Files\CPUID
2014-01-06 01:33 - 2014-01-06 01:33 - 01460512 _____ (                                                            ) C:\Users\***\Downloads\cpu-z_1.67-setup-en.exe
2014-01-06 00:22 - 2014-01-06 00:22 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2014-01-05 23:05 - 2014-01-05 23:05 - 00004755 _____ C:\Users\***\Downloads\eicfg_removal_utility.zip
2014-01-04 13:12 - 2013-12-08 19:54 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-03 20:43 - 2014-01-03 20:42 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-03 20:42 - 2014-01-03 20:42 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-03 20:42 - 2014-01-03 20:42 - 00000000 ____D C:\Users\***\AppData\Roaming\TuneUp Software
2014-01-03 20:39 - 2014-01-03 20:39 - 00000000 ____D C:\Users\***\AppData\Roaming\OpenCandy
2014-01-03 20:39 - 2014-01-03 20:39 - 00000000 ____D C:\Program Files (x86)\EaseUS
2013-12-30 20:04 - 2013-11-06 16:42 - 00003380 _____ C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1658190363-760034021-3416605230-1000
2013-12-26 17:38 - 2013-12-08 21:14 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-25 18:53 - 2013-12-25 18:53 - 01189560 _____ (AMD Inc.) C:\Users\***\Desktop\catalyst_mobility_64-bit_util.exe
2013-12-25 16:10 - 2013-12-25 16:10 - 00000219 _____ C:\Users\***\Desktop\Counter-Strike Source.url
2013-12-22 23:30 - 2013-12-22 23:30 - 00000218 _____ C:\Users\***\Desktop\Counter-Strike.url
2013-12-18 16:13 - 2013-12-12 00:16 - 00001092 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-16 20:54 - 2013-12-16 18:27 - 00000000 ____D C:\Sierra
2013-12-16 20:44 - 2013-12-16 20:44 - 00000000 ____D C:\Windows\solcache
2013-12-16 20:43 - 2013-12-16 20:43 - 00000000 ____D C:\Program Files (x86)\Sierra On-Line
2013-12-16 16:52 - 2013-12-16 16:52 - 00002088 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-12-16 16:52 - 2013-12-16 16:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Thunderbird
2013-12-16 16:52 - 2013-12-16 16:52 - 00000000 ____D C:\Users\***\AppData\Local\Thunderbird
2013-12-16 16:52 - 2013-12-16 16:52 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-16 16:52 - 2013-12-16 16:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-16 16:51 - 2013-12-16 16:49 - 21981704 _____ (Mozilla) C:\Users\***\Downloads\Thunderbird Setup 24.2.0.exe
2013-12-16 02:36 - 2013-11-05 01:56 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-12-14 15:04 - 2010-11-17 11:57 - 00202866 _____ C:\Windows\PFRO.log
2013-12-13 22:15 - 2013-12-13 22:15 - 00000000 ____D C:\Users\***\AppData\Roaming\ImgBurn
2013-12-13 22:10 - 2013-12-13 22:10 - 00001867 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2013-12-13 22:10 - 2013-12-13 22:10 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-12-13 11:21 - 2013-12-13 11:21 - 00000000 _____ C:\Windows\setuperr.log
2013-12-13 11:21 - 2009-07-14 05:45 - 00366760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 12:44 - 2013-11-03 21:10 - 00091752 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-12 10:39 - 2013-11-03 22:00 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 10:39 - 2013-11-03 21:57 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 10:39 - 2013-11-03 21:57 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-12 00:29 - 2013-12-12 00:25 - 00000000 ____D C:\Users\***\AppData\Roaming\TeamViewer
2013-12-12 00:16 - 2013-12-12 00:16 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-12 00:15 - 2013-12-12 00:03 - 06052208 _____ (TeamViewer GmbH) C:\Users\***\Desktop\TeamViewer_Setup_de-ckc.exe
2013-12-11 23:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-11 22:03 - 2013-12-11 22:03 - 00000000 ____D C:\Users\***\Documents\ASUS
2013-12-11 22:03 - 2013-12-11 22:03 - 00000000 ____D C:\Users\***\AppData\Local\ASUS
2013-12-11 22:03 - 2013-12-11 22:03 - 00000000 ____D C:\ProgramData\ASUS
2013-12-11 22:03 - 2010-11-17 11:35 - 02923888 _____ C:\Windows\AsDebug.log
2013-12-11 22:03 - 2010-11-17 11:35 - 00341568 _____ C:\Windows\AsCDProc.log
2013-12-11 22:02 - 2013-11-03 22:30 - 00000024 _____ C:\Windows\ATKPF.ini
2013-12-11 21:42 - 2013-11-03 21:19 - 00000000 ____D C:\Users\***\Documents\ASUS WebStorage
2013-12-11 21:42 - 2013-11-03 21:19 - 00000000 ____D C:\Users\***\AppData\Roaming\Asus WebStorage
2013-12-11 21:41 - 2013-12-11 21:41 - 00001236 _____ C:\Users\Public\Desktop\ASUS WebStorage.lnk
2013-12-11 21:41 - 2013-12-11 21:41 - 00000000 ____D C:\ProgramData\ASUS WebStorage
2013-12-11 21:41 - 2013-11-26 19:07 - 00000000 ____D C:\Windows\Minidump
2013-12-11 21:25 - 2013-11-04 21:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 21:22 - 2013-11-03 22:52 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 21:20 - 2013-11-03 22:52 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 21:12 - 2013-11-04 12:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 21:12 - 2013-11-04 12:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 21:12 - 2013-11-04 12:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 15:49 - 2013-12-10 15:49 - 00000000 ____D C:\Users\***\AppData\Roaming\openvr
2013-12-10 14:36 - 2013-12-10 14:36 - 00000000 ____D C:\Users\***\AppData\Local\SKIDROW
2013-12-10 14:24 - 2013-11-03 21:10 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-12-10 14:19 - 2013-12-10 14:14 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-12-10 14:19 - 2013-11-03 21:15 - 00041231 _____ C:\Windows\DirectX.log
2013-12-10 14:09 - 2013-12-10 14:09 - 00002175 _____ C:\Users\Public\Desktop\Call of Duty Black Ops II.lnk
2013-12-10 14:09 - 2013-12-10 14:09 - 00002175 _____ C:\Users\Public\Desktop\Call of Duty Black Ops II Zombie Mode.lnk
2013-12-10 14:09 - 2013-12-10 14:09 - 00002175 _____ C:\Users\Public\Desktop\Call of Duty Black Ops II Multiplayer.lnk
2013-12-10 13:57 - 2013-12-10 13:57 - 00000000 ____D C:\Program Files (x86)\Activision
2013-12-10 12:32 - 2013-12-10 12:32 - 00001252 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-12-10 12:31 - 2013-12-10 12:31 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-09 13:30 - 2013-12-09 13:25 - 233311096 _____ (Lenovo Group Limited                                        ) C:\Users\***\Downloads\tvtrnr423_017gr.exe
2013-12-08 22:51 - 2013-12-08 22:51 - 00000000 ____D C:\AMD
2013-12-08 21:14 - 2013-12-08 21:14 - 00000219 _____ C:\Users\***\Desktop\Team Fortress 2.url
2013-12-08 19:54 - 2013-12-08 19:54 - 00000965 _____ C:\Users\Public\Desktop\Steam.lnk
2013-12-08 19:04 - 2013-11-04 12:20 - 00000000 ____D C:\Users\***\AppData\Local\Adobe

Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\avgnt.exe
C:\Users\***\AppData\Local\Temp\nsf9F3F.exe
C:\Users\***\AppData\Local\Temp\nsg747A.exe
C:\Users\***\AppData\Local\Temp\nskC21B.exe
C:\Users\***\AppData\Local\Temp\ose00000.exe
C:\Users\***\AppData\Local\Temp\setup__3862.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 12:40

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by *** at 2014-01-07 19:30:16
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 Plugin (x32 Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (x32 Version: 1.0.10 - ASUS)
ASUS Data Security Manager (x32 Version: 1.00.0014 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.0.20 - ASUS)
ASUS Live Update (x32 Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (Version: 1.1.40 - ASUS)
ASUS SmartLogon (x32 Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (x32 Version: 1.0.20 - asus)
ASUS WebStorage (x32 Version: 3.0.143.296 - ASUS Cloud Corporation)
ATI AVIVO64 Codecs (Version: 11.6.0.50811 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.790.0 - ATI Technologies, Inc.)
ATK Package (x32 Version: 1.0.0006 - ASUS)
Avira Antivirus Premium (x32 Version: 14.0.2.286 - Avira)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Call of Duty Black Ops II (x32 Version:  - )
Canon MP Navigator EX 2.1 (x32 Version:  - )
Canon MP Navigator EX 4.0 (x32 Version:  - )
CanoScan LiDE 110 Scanner Driver (Version:  - )
CanoScan LiDE 700F Scanner Driver (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0811.2122.36462 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0811.2122.36462 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0811.2122.36462 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0811.2122.36462 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help English (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help French (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help German (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0811.2121.36462 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0811.2122.36462 - ATI) Hidden
ccc-utility64 (Version: 2010.0811.2122.36462 - ATI) Hidden
CDBurnerXP (x32 Version: 4.5.2.4478 - CDBurnerXP)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Conexant HD Audio (Version: 4.127.0.61 - Conexant)
ControlDeck (x32 Version: 1.0.8 - ASUS)
Counter-Strike (x32 Version:  - Valve)
Counter-Strike: Source (x32 Version:  - Valve)
CPUID CPU-Z 1.67.1 (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
DivX-Setup (x32 Version: 2.6.1.87 - DivX, LLC)
EaseUS Partition Master 9.3.0 (x32 Version:  - EaseUS)
FreePDF (Remove only) (x32 Version:  - )
GPL Ghostscript (Version: 9.10 - Artifex Software Inc.)
ImgBurn (x32 Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (Version: 1.0.115.11 - Intel)
iTunes (Version: 11.1.3.8 - Apple Inc.)
JMicron Ethernet Adapter NDIS Driver (x32 Version: 6.0.17.1 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (x32 Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
K_Series_ScreenSaver_EN (x32 Version:  - )
Left 4 Dead 2 (x32 Version:  - Valve)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
Paint.NET v3.5.11 (Version: 3.61.0 - dotPDN LLC)
RealDownloader (x32 Version: 1.2.0 - RealNetworks, Inc.)
RedMon - Redirection Port Monitor (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.10 (x32 Version: 6.10.104 - Skype Technologies S.A.)
Steam (x32 Version:  - Valve Corporation)
syncables desktop SE (x32 Version: 5.5.615.9518 - syncables)
Team Fortress 2 (x32 Version:  - Valve)
TeamViewer 9 (x32 Version: 9.0.24951 - TeamViewer)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
USB2.0 UVC VGA WebCam (Version: 5.8.54000.207 - Sonix)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (x32 Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.0 (Version: 2.1.0 - VideoLAN)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (x32 Version: 2.30.3 - ASUS)
WinRAR 5.00 (64-Bit) (Version: 5.00.0 - win.rar GmbH)
Wireless Console 3 (x32 Version: 3.0.17 - ASUS)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {07C511D2-CB70-417F-A8B8-69B8EA1524AD} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {27D109C1-8612-4C75-9623-21B174FF1CAF} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
Task: {3AB3C3A4-4D3B-440D-BE4F-CFD6869754B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {5DA66760-AEB3-4A9A-A9F8-4B0D9C9E3AD0} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-08-12] (ASUS)
Task: {6A17A3AB-E2FD-4A8F-9DEA-BE06C73D91F0} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {8A99C472-B4F6-46C1-9873-83E3BABB48E6} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {A0F3B5DF-1E3D-4D31-954B-63A7782A7EE4} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1658190363-760034021-3416605230-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-08-09] (RealNetworks, Inc.)
Task: {A4456F2B-8C63-487E-A63E-63845DE45FEB} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {E1E0AD0C-35F8-4571-B1E7-D5DE7F3B5587} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1658190363-760034021-3416605230-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-08-09] (RealNetworks, Inc.)
Task: {F9E2A854-7967-407B-91AC-9F7AF2ECA3C1} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1658190363-760034021-3416605230-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-08-09] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2007-06-15 19:28 - 2007-06-15 19:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-02 01:52 - 2007-06-02 01:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-08-27 00:52 - 2010-08-27 00:52 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-12 06:20 - 2010-08-12 06:20 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-03 21:57 - 2013-11-03 21:51 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2010-02-23 15:14 - 2010-02-23 15:14 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-02-23 15:14 - 2010-02-23 15:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-23 15:11 - 2010-02-23 15:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-23 15:12 - 2010-02-23 15:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-23 15:14 - 2010-02-23 15:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2007-06-15 19:28 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-02 02:08 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
2014-01-07 19:26 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2014 07:27:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/07/2014 07:26:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/07/2014 07:26:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/07/2014 07:26:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/07/2014 07:21:14 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/07/2014 07:20:31 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = iTunes wird installiert; Fehler = 0x80070422).

Error: (01/07/2014 07:20:15 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/07/2014 07:20:15 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Installed iTunes; Fehler = 0x80070422).

Error: (01/07/2014 07:19:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/07/2014 03:10:43 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).


System errors:
=============
Error: (01/07/2014 06:45:03 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "" wurden verworfen, weil die Bereitsstellungaufhebung von Volume "", das einen Schattenkopiespeicher für diese Schattenkopie enthält, erzwungen wurde.

Error: (01/07/2014 02:00:51 PM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (01/07/2014 02:00:22 PM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (01/07/2014 06:08:30 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (01/06/2014 05:13:37 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (01/06/2014 05:13:37 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (01/06/2014 05:09:17 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (01/06/2014 03:59:46 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (01/06/2014 03:59:46 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (01/06/2014 03:58:47 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (01/07/2014 07:27:09 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (01/07/2014 07:26:55 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (01/07/2014 07:26:53 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (01/07/2014 07:26:47 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (01/07/2014 07:21:14 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (01/07/2014 07:20:31 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /ViTunes wird installiert0x80070422

Error: (01/07/2014 07:20:15 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (01/07/2014 07:20:15 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VInstalled iTunes0x80070422

Error: (01/07/2014 07:19:50 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (01/07/2014 03:10:43 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422


==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 4020.51 MB
Available physical RAM: 1848.84 MB
Total Pagefile: 8039.2 MB
Available Pagefile: 5089.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:250 GB) (Free:163.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:661.98 GB) (Free:412.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 54BAADC2)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=250 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=662 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
Anmerkung...

weil ich gerade einen Festplattenumzug durchgeführt habe befindet das ganze auf ein 1TB Festplatte. Als Umzugshelfer wurde Clonezilla benützt.
__________________

Alt 07.01.2014, 19:03   #4
aharonov
/// TB-Ausbilder
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Hi,

das sieht soweit gut aus. Läuft der Rechner denn normal oder irgendwie auffällig?
Noch eine Kontrolle:



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
cheers,
Leo

Alt 07.01.2014, 21:46   #5
Sipahi_72
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Zitat:
Zitat von aharonov Beitrag anzeigen
Hi,

das sieht soweit gut aus. Läuft der Rechner denn normal oder irgendwie auffällig?
Er läuft normal. Wie bereits genannt wollte ich nur "gegenprüfen" lassen, ob noch etwas hängengeblieben ist.

Zitat:
Zitat von aharonov Beitrag anzeigen
Noch eine Kontrolle:



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset
Ist es nicht riskant während online scan Antivirusprogramm zu deaktivieren?


Alt 07.01.2014, 22:04   #6
aharonov
/// TB-Ausbilder
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Nein, surfe einfach in dieser Zeit nicht, sondern lass ihn in Ruhe scannen.
__________________
--> Conduit.com entfernt. Noch was übrig geblieben in meinem System?

Alt 08.01.2014, 00:08   #7
Sipahi_72
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=0831ffe9fb7c924eb64418101991aabe
# engine=16553
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-07 11:56:58
# local_time=2014-01-08 12:56:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 4734553 140768868 0 0
# scanned=214946
# found=1
# cleaned=0
# scan_time=6289
sh=BA0DA5EDA33BBD08D551B2B4E2FE74920A977AF2 ft=0 fh=0000000000000000 vn="Win32/HackTool.CrackSearch.A application" ac=I fn="D:\***\G\***\WINDATA\downloads\searcher.rar.VIRUS"
         

Alt 08.01.2014, 00:53   #8
aharonov
/// TB-Ausbilder
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Ok, passt.


Schritt 1

Die Version deines Adobe PDF Readers ist veraltet, wir müssen ihn updaten:
  • Deinstalliere bitte deine aktuelle Version von Adobe Reader über
    Start --> Systemsteuerung --> Software (bei Windows XP)
    Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Windows 7)
  • Besuche diese Seite von Adobe.
  • Entferne gegebenenfalls den Haken bei McAfee Security Scan bzw. Google Chrome.
  • Drücke auf Jetzt herunterladen und installiere die neuste Version.



Cleanup

Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.
  1. Den ESET Online Scanner kannst du behalten, um ab und zu (monatlich) für eine Zweitmeinung dein System damit zu scannen. Falls du ESET deinstallieren möchtest, dann kannst du das ebenfalls über die Systemsteuerung tun.
  2. Downloade dir bitte auf jeden Fall DelFix auf deinen Desktop.
    • Schliesse alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • DelFix entfernt u.a. alle von uns verwendeten Programme und löscht sich anschliessend selbst.
  3. Wenn jetzt noch etwas übriggeblieben ist, dann kannst du es einfach manuell löschen.




>> OK <<
Wir sind durch, deine Logs sehen für mich im Moment sauber aus.

Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst.

Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann.




Epilog: Tipps, Dos & Don'ts

Aktualität von System und Software

Das Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren

Auch die installierte Software sollte immer in der aktuellsten Version vorliegen.
Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
  • Mit diesem kleinen Plugin-Check kannst du regelmässig diese Komponenten auf deren Aktualität überprüfen.
  • Achte auch darauf, dass alte, nicht mehr verwendete Versionen deinstalliert sind.
  • Optional: Das Programm Secunia Personal Software Inspector kann dich dabei unterstützen, stets die aktuellen Versionen sämtlicher installierter Software zu nutzen.

Sicherheits-Software

Eine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt).
Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
  • Nutze einen Virenscanner mit Hintergrundwächter mit stets aktueller Datenbank. Welches Produkt gewählt wird, spielt keine so entscheidende Rolle. Wenn du ein kommerzielles Programm kaufen möchtest, kann ich dir Emsisoft Anti-Malware empfehlen (die Freeware-Version davon reicht aber nicht, denn die hat keinen Hintergrundwächter). Bevorzugst du ein kostenloses Produkt, dann ist Avast! Free Antivirus eine gute Alternative.
    Betreibe aber keinesfalls zwei Wächter parallel, die würden sich gegenseitig behindern.
  • Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
  • Zusätzlich zum Virenscanner kannst du dein System regelmässig mit einem On-Demand Antimalwareprogramm scannen. Empfehlenswert ist die Free-Version von Malwarebytes Anti-Malware. Vor jedem Scan die Datenbank updaten.
  • Optional: Das Programm Sandboxie führt Anwendungen in einer isolierten Umgebung ("Sandkasten") aus, so dass keine Änderungen am System vorgenommen werden können. Wenn du deinen Browser darin startest, vermindert sich die Chance, dass beim Surfen eingefangene Malware sich dauerhaft im System festsetzen kann.
  • Optional: Das Addon WOT (web of trust) warnt dich vor einer als schädlich gemeldeten Website, bevor sie geladen wird. Für verschiedene Browser erhältlich.

Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt.
Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
  • NoScript verhindert standardmässig das Ausführen von aktiven Inhalten (Java, JavaScript, Flash, ..) für sämtliche Websites. Du kannst selber nach dem Prinzip einer Whitelist festlegen, welchen Seiten du vertrauen und Scripts erlauben willst, auch temporär.
  • Adblock Plus blockt die meisten Werbebanner weg. Solche Banner können nebst ihrer störenden Erscheinung auch als Infektionsherde fungieren.

(Un-)Sicheres Verhalten im Internet

Nebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.

Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
  • Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher (und ein beliebter) Weg, um Malware zu verbreiten.
  • Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kannst du dir nie sicher sein, ob auch wirklich drin ist, was drauf steht.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe mit Vorsicht und lass dich nicht von irgendwie interessant erscheinenden Elementen zu einem vorschnellen Klick verleiten. Lass dich nicht von Popups täuschen, die aussehen wie System- oder Virenmeldungen.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst du von einem deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant oder skandalös tönt, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und du solltest nicht denselben Fehler machen.
  • Lass die Dateiendungen anzeigen, so dass du dich nicht täuschen lässt, wenn eine ausführbare Datei über ein doppelte Dateiendung kaschiert wird, z.B. Nacktfoto.jpg.exe.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen fürs Programm irrelevanten Ergänzungen.

Allgemeine Hinweise

Abschliessend noch ein paar grundsätzliche Bemerkungen:
  • Dein Benutzerkonto für den alltäglichen Gebrauch sollte nicht über Administratorenrechte verfügen. Nutze ein Konto mit eingeschränkten Rechten (Windows XP) bzw. aktiviere die Benutzerkontensteuerung (UAC) auf der höchsten Stufe (Windows Vista / 7).
  • Erstelle regelmässig Backups deiner Daten und Dokumente auf externen Datenträgern, bei wichtigen Dateien mindestens zweifach. Nicht nur ein Malwarebefall kann schmerzhaften Datenverlust nach sich ziehen sondern auch ein gewöhnlicher Festplattendefekt.
  • Die Autorun/Autoplay-Funktion stellt ein Risiko dar, denn sie ermöglicht es, dass beispielsweise beim Einstecken eines entsprechend infizierten USB-Sticks der Befall auf den Rechner überspringt. Überlege dir, ob du diese Funktion nicht besser deaktivieren möchtest.
  • Wähle deine Passwörter gemäss den gängigen Regeln, um besser gegen Brute-Force- und Wörterbuchattacken gewappnet zu sein. Benutze jedes deiner Passwörter nur einmal und ändere sie regelmässig.
  • Der Nutzen von Registry-Cleanern zur Performancesteigerung ist umstritten. Auf jeden Fall lässt sich damit grosser Schaden anrichten, wenn man nicht weiss, was man tut. Wir empfehlen deshalb, die Finger von der Registry zu lassen. Um von Zeit zu Zeit die temporären Dateien zu löschen, genügt TFC.

Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.
__________________
cheers,
Leo

Alt 08.01.2014, 04:31   #9
Sipahi_72
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Vielen Dank für alles,

Ich habe alle Schritte wie Empfehlungen wie beschrieben befolgt.
Bis auf eine Kleinigkeit scheint alles ok zu sein. Seitdem ich für online scan es ausgeschaltet hatte lässt sich mein AVIRA E-Mailschutz nicht mehr aktivieren (siehe Anhang)...Woran könnte es liegen?

Gruss
Miniaturansicht angehängter Grafiken
-avirafenster.jpg  

Alt 08.01.2014, 12:38   #10
aharonov
/// TB-Ausbilder
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Lässt sich dieser auch nach einem Neustart nicht mehr aktivieren?
__________________
cheers,
Leo

Alt 08.01.2014, 18:55   #11
Sipahi_72
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Leider nicht

Ich habe folgendes gefunden welches noch nicht ausprobiert habe. Soll ich?


https://forum.avira.com/wbb/index.php?page=Thread&threadID=157272

Alt 09.01.2014, 13:27   #12
aharonov
/// TB-Ausbilder
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Deinstalliere Avira und installiere es neu.
__________________
cheers,
Leo

Alt 15.01.2014, 17:25   #13
Sipahi_72
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Sorry für späte Rückmeldung. Ich war die letzten Tage offline. Ich habe das Problem gelöst. Vielen Dank für die Hilfe. Dieses Issue kann als erledigt betrachtet werden.

Gruss

Alt 15.01.2014, 18:36   #14
aharonov
/// TB-Ausbilder
 
Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Standard

Conduit.com entfernt. Noch was übrig geblieben in meinem System?



Danke für die Rückmeldung.


Freut mich, dass wir helfen konnten.

Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun.

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________
cheers,
Leo

Antwort

Themen zu Conduit.com entfernt. Noch was übrig geblieben in meinem System?
.com, canon, datei, explorer, folge, foren, forum, freeware, geändert, guten, infiziert, install.exe, internet, internet explorer, microsoft, neu, not, ntdll.dll, plagegeister, plug-in, rechner, richtlinie, scan, sierra, software, suchmaschine, system, tan, thema, tool, trotz



Ähnliche Themen: Conduit.com entfernt. Noch was übrig geblieben in meinem System?


  1. Als Trojaner identifizierte Datei aus Quarantäne gelöscht. Ist noch etwas auf meinem System?
    Log-Analyse und Auswertung - 17.03.2015 (3)
  2. Conduit Search & Protect - trotz Deinstallieren immer noch im PC!
    Log-Analyse und Auswertung - 12.12.2013 (5)
  3. System Care Antivirus manuell gelöscht. Vermutlich noch Backdoor oder andere Reste übrig.
    Log-Analyse und Auswertung - 13.08.2013 (6)
  4. Ich bin mir unsicher, ob der Qvo6-Virus noch in meinem System ist.
    Plagegeister aller Art und deren Bekämpfung - 25.07.2013 (17)
  5. hab ich noch was vom qv06 übrig?
    Log-Analyse und Auswertung - 28.06.2013 (31)
  6. System Care Antivirus im abgesicherten Modus entfernt- Backdoor noch da?
    Log-Analyse und Auswertung - 22.05.2013 (19)
  7. Nach GVU Trojaner (bereits entfernt durch euch), möglicherweise noch Rootkit auf meinem Rechner?
    Log-Analyse und Auswertung - 10.01.2013 (11)
  8. System Check Malware entfernt, aber immer noch Probleme
    Log-Analyse und Auswertung - 13.02.2012 (37)
  9. Combofix Log -> Reste übrig geblieben?
    Log-Analyse und Auswertung - 07.10.2011 (1)
  10. Backdoor oder Trojaner noch immer auf meinem System?
    Plagegeister aller Art und deren Bekämpfung - 06.09.2010 (5)
  11. Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys)
    Plagegeister aller Art und deren Bekämpfung - 26.08.2010 (27)
  12. Antivir Solution Pro entfernt - was muss noch entfernt werden?
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (22)
  13. FakeXPA gelöscht - ist noch etwas übrig geblieben?
    Log-Analyse und Auswertung - 10.05.2010 (4)
  14. Hab ich noch Viren auf meinem System?
    Log-Analyse und Auswertung - 07.02.2009 (1)
  15. Sind noch Schädlinge auf meinem System?
    Log-Analyse und Auswertung - 29.10.2008 (51)
  16. Noch Bedrohungen übrig nach Rogue-Spyware-Beseitigung?
    Log-Analyse und Auswertung - 25.02.2008 (1)
  17. Neulich Trojaner gelöscht-Ist noch was übrig?
    Log-Analyse und Auswertung - 23.07.2006 (26)

Zum Thema Conduit.com entfernt. Noch was übrig geblieben in meinem System? - Guten Tag Forum, durch eine Sekunde der Unachtsamkeit hatte ich den "Browser-Hijacker" Conduit.com mit einem Freeware Partitionierungsprogramm mit installiert. Nach Recherche im Internet konnte ich mit Mühe und not es - Conduit.com entfernt. Noch was übrig geblieben in meinem System?...
Archiv
Du betrachtest: Conduit.com entfernt. Noch was übrig geblieben in meinem System? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.