OTL logfile created on: 03.11.2013 20:21:35 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 57,62% Memory free 8,00 Gb Paging File | 5,64 Gb Available in Paging File | 70,48% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 194,24 Gb Total Space | 123,41 Gb Free Space | 63,54% Space Free | Partition Type: NTFS Drive D: | 271,33 Gb Total Space | 192,18 Gb Free Space | 70,83% Space Free | Partition Type: NTFS Computer Name: SCHEJA | User Name: Fifa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013.11.03 20:20:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\otl.exe PRC - [2013.10.09 01:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013.09.30 10:01:31 | 000,440,392 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.09.30 10:01:13 | 000,681,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.09.30 10:01:13 | 000,440,392 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013.08.30 19:33:36 | 000,389,120 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.12.13 21:16:19 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011.09.23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2008.08.29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013.10.09 01:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll MOD - [2013.10.09 01:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll MOD - [2013.10.09 01:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll MOD - [2013.10.09 01:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll MOD - [2013.10.09 01:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll MOD - [2013.10.09 01:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll MOD - [2011.03.16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013.10.29 17:40:18 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2011.12.11 23:00:00 | 000,135,824 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc) SRV:[b]64bit:[/b] - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.10.26 02:53:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.10.09 13:38:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.09.30 10:01:31 | 000,440,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.09.30 10:01:13 | 000,440,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.12.13 21:16:19 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2012.02.22 21:37:38 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2011.09.23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.06.12 10:43:28 | 051,740,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Software\Microsoft Office 2010\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.08.29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013.10.08 14:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2013.10.08 14:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2013.10.08 13:27:46 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2013.09.30 10:01:13 | 000,132,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2013.09.30 10:01:13 | 000,105,856 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2013.09.30 10:01:13 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:[b]64bit:[/b] - [2013.09.24 15:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2013.01.23 09:31:52 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:[b]64bit:[/b] - [2013.01.23 09:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:[b]64bit:[/b] - [2013.01.23 09:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:[b]64bit:[/b] - [2013.01.23 09:31:52 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:[b]64bit:[/b] - [2013.01.23 09:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2013.01.23 09:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2012.10.17 13:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2012.03.09 19:41:16 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011.07.13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:[b]64bit:[/b] - [2011.07.13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:[b]64bit:[/b] - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2010.07.04 23:51:54 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2010.01.27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf) DRV:[b]64bit:[/b] - [2009.09.30 15:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009.06.02 09:55:20 | 001,207,808 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:[b]64bit:[/b] - [2009.05.14 02:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009.05.05 05:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2009.04.29 15:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus) DRV:[b]64bit:[/b] - [2008.06.27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV - [2013.09.20 00:05:02 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2.0) DRV - [2013.09.20 00:05:02 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 C4 B2 34 12 B2 CD 01 [binary data] IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {01bd49d7-c76b-4310-8beb-14d7e5f322c6} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 195.200.199.98:8080 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Software\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\Metabol\npdd.dll (Metaboli) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael André Scheja\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll File not found FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Fifa\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\e-webprint@epson.com: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013.08.17 12:57:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.10.10 20:41:42 | 000,000,000 | ---D | M] [2013.11.03 17:18:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fifa\AppData\Roaming\mozilla\Extensions [2013.09.30 22:23:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013.11.03 17:17:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2011.10.27 14:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://startsear.ch/?aff=2&cf=2b009f7a-2428-11e1-825a-002618d3f860 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Fifa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll CHR - plugin: Trend Micro Titanium (Enabled) = C:\Users\Fifa\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.4.0.1034_0\npToolbarChrome.dll CHR - plugin: LiveVDO plug-in (Enabled) = C:\Users\Fifa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\chvsharetvplg.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: LiveVDO plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Downloader Detector (Enabled) = C:\Program Files (x86)\Downloader\Metabol\npdd.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Michael Andr\u00E9 Scheja\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: WiseConvert = C:\Users\Fifa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgiaikfpllchefojlnehlmpekeogihnm\2.5.0.1_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Software\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Software\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] D:\Software\Microsoft Office 2010\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: An OneNote s&enden - D:\Software\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Software\Microsoft Office 2010\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - D:\Software\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Software\Microsoft Office 2010\Office14\EXCEL.EXE (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Software\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Software\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7EBFB4F-3890-4BAF-B379-E2BBDE530E46}: DhcpNameServer = 192.168.2.1 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18:[b]64bit:[/b] - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Software\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013.11.03 20:10:36 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.11.03 19:08:23 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2013.11.03 18:46:05 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013.11.03 18:39:54 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\Malwarebytes [2013.11.03 18:39:48 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.11.03 18:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.11.03 17:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.11.01 13:34:12 | 000,000,000 | ---D | C] -- C:\Users\Fifa\Documents\My Games [2013.11.01 12:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.11.01 12:24:39 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\library_dir [2013.11.01 12:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [2013.10.31 19:47:39 | 000,000,000 | ---D | C] -- C:\Users\Fifa\Documents\Battlefield 4 [2013.10.31 19:46:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins [2013.10.31 19:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2013.10.25 13:13:01 | 000,000,000 | ---D | C] -- C:\Users\Fifa\Documents\FUSSBALL MANAGER 14 [2013.10.19 17:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3 [2013.10.19 17:02:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.3 [2013.10.19 15:51:15 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.10.19 15:51:11 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.10.19 15:51:11 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.10.19 15:51:11 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.10.19 15:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2013.10.19 15:40:18 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\337 [2013.10.19 15:40:10 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\Omiga Plus [2013.10.19 15:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Omiga Plus [2013.10.19 15:40:07 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\WinZipper [2013.10.19 15:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZipper [2013.10.19 15:38:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\337 [2013.10.12 20:26:08 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Local\Nero_AG [2013.10.12 20:25:47 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Local\Nero [2013.10.12 14:56:10 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\AVS4YOU [2013.10.12 14:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU [2013.10.12 14:43:47 | 000,000,000 | ---D | C] -- C:\Users\Fifa\Application Data [2013.10.12 14:43:07 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\Digiarty [2013.10.12 14:41:44 | 000,000,000 | ---D | C] -- C:\Users\Fifa\Downloads [2013.10.11 20:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2013.10.11 20:58:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.10.11 20:58:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013.10.10 20:52:13 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\Avira [2013.10.10 20:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.10.10 20:48:22 | 000,132,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.10.10 20:48:22 | 000,105,856 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.10.10 20:48:22 | 000,083,160 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.10.10 20:48:22 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.10.10 20:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.10.10 20:48:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.10.10 20:42:09 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\InstallShield [2013.10.10 20:39:09 | 000,000,000 | ---D | C] -- C:\Users\Fifa\AppData\Roaming\uTorrent [2013.10.10 19:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime [2013.10.08 15:01:20 | 000,156,712 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll [2013.10.08 15:01:18 | 000,141,256 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll [2013.10.08 15:01:14 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2013.10.08 15:01:14 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2013.10.08 15:01:12 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2013.10.08 15:01:12 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2013.10.08 15:01:04 | 000,114,488 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll [2013.10.08 15:00:36 | 006,767,240 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2013.10.08 15:00:32 | 007,256,496 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2013.10.08 14:58:42 | 012,534,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys [2013.10.08 14:39:06 | 000,098,816 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll [2013.10.08 14:38:58 | 000,083,456 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll [2013.10.08 14:38:52 | 000,086,528 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll [2013.10.08 14:38:48 | 000,073,216 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll [2013.10.08 14:38:30 | 028,192,256 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll [2013.10.08 14:36:22 | 023,761,408 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll [2013.10.08 14:34:34 | 000,063,488 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.10.08 14:34:28 | 000,057,344 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.10.08 14:17:50 | 025,385,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll [2013.10.08 14:13:44 | 000,368,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe [2013.10.08 14:13:34 | 000,062,464 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2013.10.08 14:13:32 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2013.10.08 14:13:26 | 000,055,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2013.10.08 14:13:24 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2013.10.08 14:13:08 | 015,716,352 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2013.10.08 14:09:52 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2013.10.08 14:00:30 | 021,400,064 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2013.10.08 13:54:10 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll [2013.10.08 13:53:58 | 000,026,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2013.10.08 13:53:50 | 000,576,512 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2013.10.08 13:52:58 | 000,239,616 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2013.10.08 13:51:30 | 000,190,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2013.10.08 13:29:04 | 000,096,256 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll [2013.10.08 13:28:56 | 000,090,624 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll [2013.10.08 13:28:42 | 000,089,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll [2013.10.08 13:28:36 | 000,784,384 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2013.10.08 13:28:34 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll [2013.10.08 13:28:26 | 000,594,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2013.10.08 13:28:12 | 000,075,264 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll [2013.10.08 13:28:08 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll [2013.10.08 13:28:08 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll [2013.10.08 13:28:04 | 000,100,352 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2013.10.08 13:27:56 | 000,096,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2013.10.08 13:27:46 | 000,619,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys [2013.10.08 13:24:54 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013.11.03 20:14:42 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.11.03 20:14:42 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.11.03 20:10:02 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.11.03 20:09:00 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.11.03 20:08:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.11.03 20:08:50 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys [2013.11.03 19:38:23 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.11.03 18:39:49 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013.11.03 17:17:56 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.11.03 17:09:49 | 000,001,057 | ---- | M] () -- C:\Users\Fifa\AppData\Roaming\vso_ts_preview.xml [2013.11.03 10:09:51 | 000,017,408 | ---- | M] () -- C:\Users\Fifa\AppData\Local\WebpageIcons.db [2013.11.01 12:20:21 | 001,694,430 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.11.01 12:20:21 | 000,740,926 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.11.01 12:20:21 | 000,684,846 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.11.01 12:20:21 | 000,163,114 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.11.01 12:20:21 | 000,135,040 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.11.01 12:20:14 | 001,694,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.10.31 20:13:54 | 000,000,981 | ---- | M] () -- C:\Users\Fifa\Desktop\BF 4.lnk [2013.10.29 18:27:14 | 000,051,200 | ---- | M] () -- C:\Windows\SysNative\kdbsdk64.dll [2013.10.29 18:22:24 | 000,038,912 | ---- | M] () -- C:\Windows\SysWow64\kdbsdk32.dll [2013.10.25 13:11:16 | 000,000,676 | ---- | M] () -- C:\Users\Public\Desktop\FUSSBALL MANAGER 14.lnk [2013.10.19 17:02:05 | 000,001,049 | ---- | M] () -- C:\Users\Fifa\Desktop\Cheat Engine.lnk [2013.10.10 20:48:34 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.10.10 20:42:11 | 000,000,736 | ---- | M] () -- C:\Windows\SamsungMaster.INI [2013.10.10 20:33:16 | 000,000,418 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2013.10.09 13:38:53 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.10.09 13:38:53 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.10.08 15:01:20 | 000,156,712 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll [2013.10.08 15:01:18 | 000,141,256 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll [2013.10.08 15:01:14 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2013.10.08 15:01:14 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2013.10.08 15:01:12 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2013.10.08 15:01:12 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2013.10.08 15:01:06 | 000,142,792 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll [2013.10.08 15:01:06 | 000,125,824 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll [2013.10.08 15:01:04 | 000,114,488 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll [2013.10.08 15:01:04 | 000,097,984 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll [2013.10.08 15:01:02 | 001,237,200 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll [2013.10.08 15:01:00 | 001,030,128 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll [2013.10.08 15:00:56 | 009,464,840 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll [2013.10.08 15:00:52 | 008,215,992 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll [2013.10.08 15:00:46 | 006,176,008 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll [2013.10.08 15:00:42 | 006,189,416 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll [2013.10.08 15:00:36 | 006,767,240 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2013.10.08 15:00:32 | 007,256,496 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2013.10.08 14:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys [2013.10.08 14:39:22 | 000,229,376 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe [2013.10.08 14:39:10 | 001,187,342 | ---- | M] () -- C:\Windows\SysNative\amdocl_as64.exe [2013.10.08 14:39:10 | 001,061,902 | ---- | M] () -- C:\Windows\SysNative\amdocl_ld64.exe [2013.10.08 14:39:08 | 000,995,342 | ---- | M] () -- C:\Windows\SysWow64\amdocl_as32.exe [2013.10.08 14:39:08 | 000,798,734 | ---- | M] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2013.10.08 14:39:06 | 000,098,816 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll [2013.10.08 14:38:58 | 000,083,456 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll [2013.10.08 14:38:52 | 000,086,528 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll [2013.10.08 14:38:48 | 000,073,216 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll [2013.10.08 14:38:30 | 028,192,256 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll [2013.10.08 14:36:22 | 023,761,408 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll [2013.10.08 14:34:34 | 000,063,488 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.10.08 14:34:28 | 000,057,344 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.10.08 14:17:50 | 025,385,984 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll [2013.10.08 14:14:04 | 000,530,832 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb [2013.10.08 14:14:04 | 000,530,832 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb [2013.10.08 14:13:44 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe [2013.10.08 14:13:34 | 000,062,464 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2013.10.08 14:13:32 | 000,052,224 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2013.10.08 14:13:26 | 000,055,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2013.10.08 14:13:24 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2013.10.08 14:13:08 | 015,716,352 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2013.10.08 14:09:52 | 014,302,208 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2013.10.08 14:00:30 | 021,400,064 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2013.10.08 13:56:12 | 003,388,672 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap [2013.10.08 13:54:10 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll [2013.10.08 13:53:58 | 000,026,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2013.10.08 13:53:50 | 000,576,512 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2013.10.08 13:52:58 | 000,239,616 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2013.10.08 13:51:30 | 000,190,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2013.10.08 13:41:28 | 003,422,720 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap [2013.10.08 13:29:04 | 000,096,256 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll [2013.10.08 13:28:56 | 000,090,624 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll [2013.10.08 13:28:42 | 000,089,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll [2013.10.08 13:28:36 | 000,784,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2013.10.08 13:28:34 | 000,080,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll [2013.10.08 13:28:26 | 000,594,944 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2013.10.08 13:28:12 | 000,075,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll [2013.10.08 13:28:08 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll [2013.10.08 13:28:08 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll [2013.10.08 13:28:04 | 000,100,352 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2013.10.08 13:27:56 | 000,096,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2013.10.08 13:27:46 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys [2013.10.08 13:24:54 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2013.10.08 06:50:37 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.10.08 06:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.10.08 06:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.10.08 06:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013.11.03 18:39:49 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013.11.03 17:17:56 | 000,001,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.11.03 17:17:56 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.10.31 20:13:54 | 000,000,981 | ---- | C] () -- C:\Users\Fifa\Desktop\BF 4.lnk [2013.10.29 18:27:14 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\kdbsdk64.dll [2013.10.29 18:22:24 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2013.10.25 13:11:16 | 000,000,676 | ---- | C] () -- C:\Users\Public\Desktop\FUSSBALL MANAGER 14.lnk [2013.10.19 17:02:05 | 000,001,049 | ---- | C] () -- C:\Users\Fifa\Desktop\Cheat Engine.lnk [2013.10.10 20:48:34 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.10.10 20:42:11 | 000,000,736 | ---- | C] () -- C:\Windows\SamsungMaster.INI [2013.10.08 14:39:22 | 000,229,376 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe [2013.10.08 14:39:10 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as64.exe [2013.10.08 14:39:10 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld64.exe [2013.10.08 14:39:08 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2013.10.08 14:39:08 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2013.10.08 14:14:04 | 000,530,832 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb [2013.10.08 14:14:04 | 000,530,832 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2013.10.08 13:56:12 | 003,388,672 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2013.10.08 13:41:28 | 003,422,720 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2013.08.14 17:19:08 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI [2013.08.11 11:41:12 | 000,003,996 | ---- | C] () -- C:\Users\Fifa\.recently-used.xbel [2013.06.30 08:29:42 | 000,234,544 | ---- | C] () -- C:\Windows\RegBootClean64.exe [2013.03.02 18:35:41 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\lua51.dll [2012.12.13 21:16:21 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.12.13 21:16:19 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.10.14 22:08:02 | 000,001,057 | ---- | C] () -- C:\Users\Fifa\AppData\Roaming\vso_ts_preview.xml [2012.10.11 22:25:45 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.10.11 22:25:45 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.10.11 21:59:23 | 000,017,408 | ---- | C] () -- C:\Users\Fifa\AppData\Local\WebpageIcons.db [2012.02.22 23:21:38 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012.02.22 21:38:01 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C3AE45C9 < End of report >