Log analysis and evaluation: Seth Avazutracking.net (Windows 7)

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system has to be examined first: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
31.07.2013, 08:37 | #1 |
Seth Avazutracking.net

Hello dear Trojaner community, I have a Seth Avazutracker, with page redirects in the browser, extra pages opening and general slowness of the browser. After I carried out steps 1-2, my computer crashes to a bluescreen when running step 3, i.e. starting Gmer! The error message is whea-uncorrectable-problem! Here is my log for steps 1-2:

OTL exe OTL logfile created on: 31/07/2013 09:29:36 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dirk\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.89 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 60.24% Memory free 7.89 Gb Paging File | 6.23 Gb Available in Paging File | 78.94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 94.23 Gb Total Space | 17.94 Gb Free Space | 19.04% Space Free | Partition Type: NTFS Computer Name: DIESCHMIEDE | User Name: Dirk | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/07/31 08:34:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dirk\Downloads\OTL.exe PRC - [2013/07/31 08:33:57 | 000,050,477 | ---- | M] () -- C:\Users\Dirk\Downloads\Defogger.exe PRC - [2013/07/31 08:07:05 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013/07/31 08:06:39 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013/07/31 08:06:38 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013/07/28 16:44:18 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe PRC - [2013/07/04 11:56:45 | 000,010,752 | ---- | M] (Microsoft) -- C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe PRC - [2013/07/02 10:26:11 | 000,257,136 | ---- | M] (Microsoft Corporation) -- C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe PRC - [2013/06/28 09:39:11 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Dirk\AppData\Local\Akamai\netsession_win.exe PRC - [2013/05/25 02:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/09/11 11:43:14 | 000,020,352 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe PRC - [2012/09/06 06:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2012/08/27 10:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2012/07/30 14:27:58 | 000,193,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe PRC - [2012/07/24 20:21:22 | 001,123,536 | ---- | M] (ASUSTek Computer Inc.) 
-- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe PRC - [2012/07/17 16:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012/07/17 16:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012/06/27 14:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012/06/25 12:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ========== Modules (No Company Name) ========== MOD - [2013/07/31 08:33:57 | 000,050,477 | ---- | M] () -- C:\Users\Dirk\Downloads\Defogger.exe MOD - [2013/07/28 16:44:17 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll MOD - [2013/06/28 09:39:00 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013/03/13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Dirk\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2013/01/28 14:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2013/01/28 14:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2012/11/14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Dirk\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/06/09 23:09:24 | 001,900,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc) SRV:64bit: - [2013/06/01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - 
[2013/05/04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2013/05/04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2013/04/09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2013/03/05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McSchedulerSvc) SRV:64bit: - [2013/03/05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc) SRV:64bit: - [2013/03/05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McOobeSv2) SRV:64bit: - [2013/03/05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McATScheduler) SRV:64bit: - [2013/03/02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2013/03/02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2013/01/29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:64bit: - [2013/01/10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2013/01/10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2012/11/06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2012/09/20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2012/09/20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2012/09/13 06:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:64bit: - [2012/08/15 19:08:14 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV:64bit: - [2012/07/30 13:27:00 | 000,030,592 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DptfPolicyConfigTDPService.exe -- (DptfPolicyConfigTDPService) SRV:64bit: - [2012/07/30 13:26:58 | 000,029,056 | ---- | M] () 
[Auto | Running] -- C:\Windows\SysNative\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService) SRV:64bit: - [2012/07/26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2012/07/26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2012/07/26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2012/07/26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2012/07/26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2012/07/26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2012/07/26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2012/07/26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2012/07/26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2012/07/26 05:05:12 | 000,331,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:64bit: - [2012/07/26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) 
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2012/07/18 14:14:38 | 002,699,568 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV:64bit: - [2012/07/18 14:14:16 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2012/07/18 14:14:04 | 000,627,504 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2012/07/18 14:13:40 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2012/04/20 16:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:64bit: - [2012/02/13 10:39:32 | 000,205,128 | ---- | M] (McAfee, Inc.) 
[Auto | Running] -- C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCoreService.exe -- (MfeFfCoreService) SRV:64bit: - [2010/04/14 14:56:24 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxebcoms.exe -- (lxeb_device) SRV - [2013/07/31 08:07:05 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013/07/31 08:06:39 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013/07/28 16:44:18 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/07/04 11:56:45 | 000,010,752 | ---- | M] (Microsoft) [Auto | Running] -- C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe -- (Time) SRV - [2013/06/28 09:39:10 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/11/06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012/09/06 06:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2012/08/27 10:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2012/07/30 14:27:58 | 000,193,576 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv) SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012/07/17 16:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012/07/17 16:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012/06/27 14:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012/06/25 12:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012/01/26 15:19:18 | 000,332,080 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- c:\PROGRA~1\mcafee\msc\mcawfwk.exe -- (McAWFwk) SRV - [2000/01/01 02:00:00 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/07/31 08:07:17 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2013/07/31 08:07:16 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013/07/31 08:07:16 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. 
KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013/06/24 15:12:06 | 000,115,400 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ax88772.sys -- (AX88772) DRV:64bit: - [2013/06/21 03:09:40 | 000,067,880 | ---- | M] (McAfee, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\MfeEEFFV.sys -- (MfeEEFFV) DRV:64bit: - [2013/06/21 03:09:38 | 000,307,888 | ---- | M] (McAfee, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\MfeEEFF.sys -- (MfeEEFF) DRV:64bit: - [2013/06/21 03:09:36 | 000,206,424 | ---- | M] (McAfee, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\ImatDs.sys -- (ImatDs) DRV:64bit: - [2013/06/21 03:09:34 | 000,505,576 | ---- | M] (McAfee, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\ImatDmk.sys -- (ImatDmk) DRV:64bit: - [2013/06/21 03:09:34 | 000,016,360 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ImatDisk.sys -- (ImatDisk) DRV:64bit: - [2013/06/01 13:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2013/06/01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2013/06/01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2013/06/01 05:08:26 | 000,117,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthA2DP.sys -- (BthA2DP) DRV:64bit: - [2013/05/04 16:25:53 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2013/05/04 09:34:17 | 000,446,720 | ---- | 
M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2013/05/04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2013/03/02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:64bit: - [2013/03/02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:64bit: - [2013/03/02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:64bit: - [2013/02/12 02:17:50 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2013/02/06 08:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2013/02/06 08:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2013/02/02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013/02/02 09:24:42 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthHfAud.sys -- (BthHFAud) DRV:64bit: - [2013/01/29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2013/01/29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- 
C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2013/01/10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/11/27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2012/11/20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2012/11/06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2012/10/12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/10/11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2012/10/11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:64bit: - [2012/09/20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2012/09/20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2012/09/20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2012/09/13 08:26:34 | 004,293,672 | ---- | M] 
(Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64) DRV:64bit: - [2012/09/13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2012/09/13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2012/09/11 11:43:44 | 000,056,704 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AsusTP.sys -- (ATP) DRV:64bit: - [2012/08/29 10:36:54 | 000,857,472 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2012/08/27 10:48:12 | 000,121,728 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/08/09 21:29:54 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2012/08/09 21:29:54 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2012/08/09 21:29:52 | 000,188,384 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort) DRV:64bit: - [2012/08/09 21:29:52 | 000,048,096 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub) DRV:64bit: - [2012/08/06 13:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex) DRV:64bit: - [2012/08/02 05:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2012/07/30 14:27:52 | 000,043,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\irstrtdv.sys -- (irstrtdv) DRV:64bit: - [2012/07/26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/07/26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:64bit: - [2012/07/26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2012/07/26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - 
[2012/07/26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2012/07/26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2012/07/26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2012/07/26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2012/07/26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2012/07/26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2012/07/26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2012/07/26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2012/07/26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2012/07/26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2012/07/26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:64bit: - [2012/07/26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012/07/26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012/07/26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:64bit: - [2012/07/26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2012/07/26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:64bit: - [2012/07/26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2012/07/26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2012/07/26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2012/07/26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2012/07/26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2012/07/26 04:28:52 | 000,029,696 | ---- | 
M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2012/07/26 04:28:02 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\acpials.sys -- (acpials) DRV:64bit: - [2012/07/26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2012/07/26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2012/07/26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2012/07/26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2012/07/26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2012/07/26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2012/07/26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2012/07/26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2012/07/26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2012/07/26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012/07/26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2012/07/26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2012/07/26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/07/26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2012/07/26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum) DRV:64bit: - [2012/07/26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2012/07/26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2012/07/26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2012/07/24 20:21:22 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AiCharger.sys -- (AiCharger) DRV:64bit: - [2012/07/24 05:16:28 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012/07/13 10:50:40 | 000,361,792 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\DptfManager.sys -- (DptfManager) DRV:64bit: - [2012/07/13 10:50:40 | 000,064,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\DptfDevGen.sys -- (DptfDevGen) DRV:64bit: - [2012/07/13 10:50:38 | 000,107,328 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\DptfDevDram.sys -- (DptfDevDram) DRV:64bit: - [2012/07/13 10:50:36 | 000,042,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\DptfDevFan.sys -- (DptfDevFan) DRV:64bit: - [2012/07/13 10:50:34 | 000,096,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\DptfDevPch.sys -- (DptfDevPch) DRV:64bit: - [2012/07/13 10:50:32 | 000,228,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\DptfDevProc.sys -- (DptfDevProc) DRV:64bit: - [2012/07/02 17:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012/06/02 16:34:37 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2012/06/02 16:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV:64bit: - [2012/06/02 16:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2012/06/02 
16:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress) DRV:64bit: - [2012/06/02 16:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr) DRV:64bit: - [2012/05/31 05:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys -- (HIDSwitch) DRV:64bit: - [2000/01/01 02:00:00 | 004,534,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2000/01/01 02:00:00 | 000,442,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2000/01/01 02:00:00 | 000,316,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR) DRV:64bit: - [2000/01/01 02:00:00 | 000,019,600 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\rtcrfilt64.sys -- (rtcrfilt64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {6BEA9054-A753-42D6-820C-E98B0EEB4549} IE - HKCU\..\SearchScopes\{6BEA9054-A753-42D6-820C-E98B0EEB4549}: "URL" = hxxp://searchou.com/?q={searchTerms}&id=de4edb83000000000000c4850842806b&r=234 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.teamliquid.net/" FF - prefs.js..extensions.enabledAddons: protectme%40protectme.com:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL 
(Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/26 19:03:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/12/19 11:01:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dirk\AppData\Roaming\mozilla\Extensions [2013/07/31 08:18:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dirk\AppData\Roaming\mozilla\Firefox\Profiles\2acnq9pm.default\extensions [2012/12/27 10:55:12 | 000,000,000 | ---D | M] ("Protect Me") -- C:\Users\Dirk\AppData\Roaming\mozilla\Firefox\Profiles\2acnq9pm.default\extensions\protectme@protectme.com [2013/05/26 19:04:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013/06/28 09:39:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - 
plugin: Erster Nutzer (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll CHR - plugin: Error reading preferences file CHR - Extension: Docs = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: Google Drive = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: YouTube = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013/07/07 19:07:37 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (ASUS Browser Extension x64) - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {0C9F4179-A319-4c6a-A3E5-67FF3592A12E} - No CLSID value found. O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2 - BHO: (ASUS Browser Extension x86) - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.) 
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [ASUSQuickGesture(x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) O4:64bit: - HKLM..\Run: [ASUSQuickGesture(x86)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) O4:64bit: - HKLM..\Run: [ASUSTPLoader(x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.) O4:64bit: - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysNative\dptfpolicylpmservicehelper.exe () O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MfeFfCore] C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCore.exe (McAfee, Inc.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATUninstallIcon] C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe (McAfee, Inc.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.) O4 - HKLM..\Run: [MetroTileShortcut] C:\Program Files\McAfeeAntiTheft\2.2.279.5\McATUIHost.exe (McAfee, Inc.) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Dirk\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [Driver Detective] C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe (PC Drivers Headquarters) O4 - HKCU..\Run: [DriverBoost] C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe (PC Drivers Headquarters) O4 - HKCU..\Run: [gSyncit] C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe (Fieldston Software) O4 - HKCU..\Run: [SkyDrive] C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk = File not found O4 - Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 1 O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - 
Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab (DLM Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03F89746-7382-4083-AC82-6992D1C70FAC}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40A76840-FD47-4365-AABA-62679ACEB9DA}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE325ADD-477E-4CE8-A5B6-BB22E8411A14}: DhcpNameServer = 82.144.41.8 82.145.9.8 O18:64bit: - Protocol\Handler\ipp - No CLSID value found O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O20:64bit: - 
AppInit_DLLs: (C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\ImatSup.dll) - C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\ImatSup.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4a2d34d9-5135-11e2-be75-b92e64a0587f}\Shell - "" = AutoRun O33 - MountPoints2\{4a2d34d9-5135-11e2-be75-b92e64a0587f}\Shell\AutoRun\command - "" = "D:\KoDP.exe" autorun O33 - MountPoints2\{ac1082d3-c4c0-11e2-be8f-972169402560}\Shell - "" = AutoRun O33 - MountPoints2\{ac1082d3-c4c0-11e2-be8f-972169402560}\Shell\AutoRun\command - "" = "E:\LaunchU3.exe" -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/07/31 08:16:52 | 
000,000,000 | ---D | C] -- C:\Users\Dirk\AppData\Roaming\Avira [2013/07/31 08:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2013/07/31 08:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013/07/31 08:08:01 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013/07/31 08:08:01 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013/07/31 08:08:01 | 000,083,672 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013/07/31 08:08:01 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013/07/31 08:08:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013/07/31 08:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013/07/30 21:07:08 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2013/07/30 21:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013/07/30 15:53:34 | 000,000,000 | ---D | C] -- C:\Users\Dirk\AppData\Roaming\Malwarebytes [2013/07/30 15:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/07/30 15:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/07/30 15:53:17 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/07/30 15:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/07/30 15:40:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2013/07/30 15:40:08 | 002,102,040 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll [2013/07/30 15:40:08 | 000,834,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll [2013/07/30 15:40:08 | 000,635,160 | ---- | C] (SRS Labs, Inc.) 
-- C:\Windows\SysNative\sltech64.dll [2013/07/30 15:40:08 | 000,528,152 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\sl3apo64.dll [2013/07/30 15:40:08 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2013/07/30 15:40:08 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2013/07/30 15:40:08 | 000,215,320 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll [2013/07/30 15:40:08 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2013/07/30 15:40:08 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2013/07/30 15:40:08 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2013/07/30 15:40:07 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2013/07/30 15:40:07 | 004,816,664 | ---- | C] (ASUSTeKcomputer.Inc) -- C:\Windows\SysNative\RTKSMlfx.dll [2013/07/30 15:40:07 | 000,746,840 | ---- | C] (A-Volute) -- C:\Windows\SysNative\RTKSMSettingsIPC.dll [2013/07/30 15:40:07 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2013/07/30 15:40:07 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2013/07/30 15:40:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2013/07/30 15:40:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2013/07/30 15:40:07 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2013/07/30 15:40:07 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2013/07/30 15:40:07 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2013/07/30 15:40:07 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2013/07/30 15:40:07 | 000,081,248 | ---- | C] (Synopsys, Inc.) 
-- C:\Windows\SysNative\SFCOM64.dll [2013/07/30 15:40:07 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2013/07/30 15:40:07 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2013/07/30 15:40:07 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2013/07/30 15:40:07 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2013/07/30 15:40:06 | 014,021,912 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll [2013/07/30 15:40:06 | 009,123,608 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll [2013/07/30 15:40:06 | 002,032,408 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll [2013/07/30 15:40:06 | 001,900,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll [2013/07/30 15:40:06 | 000,910,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2013/07/30 15:40:06 | 000,719,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll [2013/07/30 15:40:06 | 000,612,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll [2013/07/30 15:40:06 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll [2013/07/30 15:40:06 | 000,395,208 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2013/07/30 15:40:06 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2013/07/30 15:40:06 | 000,318,808 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\MaxxAudioAPO20.dll [2013/07/30 15:40:05 | 002,734,624 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2013/07/30 15:40:05 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2013/07/30 15:40:05 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2013/07/30 15:40:05 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2013/07/30 15:40:05 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2013/07/30 15:40:05 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2013/07/30 15:40:05 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2013/07/30 15:40:05 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll [2013/07/30 15:40:05 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2013/07/30 15:40:05 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll [2013/07/30 15:40:05 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2013/07/30 15:40:05 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2013/07/30 15:40:05 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll [2013/07/30 15:40:05 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2013/07/30 15:40:05 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2013/07/30 15:40:05 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2013/07/30 15:40:05 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll [2013/07/30 15:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2013/07/30 15:32:02 | 000,024,576 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013/07/30 15:30:41 | 000,064,000 | ---- | C] (Khronos Group) -- 
C:\Windows\SysNative\Intel_OpenCL_ICD64.dll [2013/07/30 15:30:41 | 000,060,416 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll [2013/07/30 15:26:47 | 000,000,000 | ---D | C] -- C:\Users\Dirk\AppData\Local\SlimWare Utilities Inc [2013/07/30 15:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers [2013/07/30 15:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers [2013/07/30 15:26:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers [2013/07/30 14:52:47 | 000,000,000 | ---D | C] -- C:\Users\Dirk\AppData\Local\Akamai [2013/07/30 14:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices [2013/07/30 14:01:22 | 000,505,576 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\ImatDmk.sys [2013/07/30 14:01:22 | 000,307,888 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\MfeEEFF.sys [2013/07/30 14:01:22 | 000,206,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\ImatDs.sys [2013/07/30 14:01:22 | 000,067,880 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\MfeEEFFV.sys [2013/07/30 14:01:22 | 000,016,360 | ---- | C] (McAfee, Inc.) 
-- C:\Windows\SysNative\drivers\ImatDisk.sys [2013/07/30 14:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Anti-Theft Service [2013/07/30 13:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfeeAntiTheft [2013/07/30 13:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeAntiTheft [2013/07/29 17:23:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013/07/29 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013/07/29 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013/07/29 11:14:22 | 000,000,000 | ---D | C] -- C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It [2013/07/29 11:14:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reason [2013/07/29 10:25:35 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin [2013/07/23 09:14:08 | 000,000,000 | ---D | C] -- C:\Users\Dirk\Desktop\Bayreuth [2013/07/18 09:03:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT [2013/07/14 16:33:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013/07/14 16:33:30 | 006,131,200 | ---- | C] (Advanced Messaging Systems LLC) -- C:\Windows\SysWow64\PhoenixDll.dll [2013/07/14 16:33:30 | 000,791,680 | ---- | C] (Advanced Messaging Systems LLC) -- C:\Windows\SysWow64\StellarProfile.dll [2013/07/14 16:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Professional [2013/07/14 16:33:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery [2013/07/14 12:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital [2013/07/07 19:13:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2 [2013/07/07 19:10:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013/07/04 20:09:40 | 000,000,000 | ---D | C] -- 
C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft [2013/07/04 20:09:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft [2013/07/04 09:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013/07/04 09:42:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013/07/04 09:42:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2013/07/04 09:42:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013/07/04 09:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/07/31 09:25:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/07/31 09:23:18 | 000,412,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/07/31 09:23:16 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013/07/31 09:23:15 | 821,139,852 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/07/31 09:23:14 | 3340,271,616 | -HS- | M] () -- C:\hiberfil.sys [2013/07/31 09:18:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/07/31 08:46:47 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/07/31 08:46:47 | 000,760,560 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013/07/31 08:46:47 | 000,717,670 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/07/31 08:46:47 | 000,158,770 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013/07/31 08:46:47 | 000,135,558 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/07/31 08:34:26 | 000,000,168 | ---- | M] () -- C:\Users\Dirk\defogger_reenable [2013/07/31 08:21:17 | 000,043,714 | ---- | M] () -- C:\Users\Dirk\Documents\cc_20130731_082047.reg [2013/07/31 08:07:17 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013/07/31 08:07:17 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013/07/31 08:07:16 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013/07/31 08:07:16 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013/07/30 21:07:08 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2013/07/30 15:39:49 | 000,016,258 | ---- | M] () -- C:\Windows\SysNative\results.xml [2013/07/30 14:58:23 | 002,526,590 | ---- | M] () -- C:\Users\Dirk\Documents\UX31AAS219.zip [2013/07/30 10:11:48 | 000,001,254 | ---- | M] () -- C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2013/07/26 18:23:00 | 000,322,467 | ---- | M] () -- C:\Users\Dirk\Documents\TSCards_Aid.pdf [2013/07/14 17:15:14 | 000,000,141 | ---- | M] () -- C:\Windows\spwdrp.INI [2013/07/07 19:09:48 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2013/07/07 19:07:37 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/07/31 09:23:15 | 821,139,852 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013/07/31 08:34:26 | 000,000,168 | ---- | C] () -- C:\Users\Dirk\defogger_reenable [2013/07/31 08:21:10 | 000,043,714 | ---- | C] () -- C:\Users\Dirk\Documents\cc_20130731_082047.reg [2013/07/30 15:40:07 | 003,180,912 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat [2013/07/30 15:40:07 | 000,465,645 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2013/07/30 15:38:33 | 000,014,480 | ---- | C] () -- C:\Windows\SysNative\rtcrco.dll [2013/07/30 15:30:40 | 000,012,288 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll [2013/07/30 15:30:37 | 024,283,136 | ---- | C] () -- 
C:\Windows\SysNative\igdfcl64.dll [2013/07/30 15:30:37 | 000,286,720 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll [2013/07/30 15:30:37 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2013/07/30 15:30:37 | 000,117,760 | ---- | C] () -- C:\Windows\SysNative\igdail64.dll [2013/07/30 15:30:37 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll [2013/07/30 15:30:34 | 002,384,896 | ---- | C] () -- C:\Windows\SysNative\GfxRes.dll [2013/07/30 15:30:26 | 000,256,973 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources [2013/07/30 15:30:26 | 000,243,062 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources [2013/07/30 15:30:26 | 000,225,909 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources [2013/07/30 15:30:26 | 000,192,779 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources [2013/07/30 15:30:26 | 000,189,982 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources [2013/07/30 15:30:26 | 000,184,704 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources [2013/07/30 15:30:26 | 000,173,641 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources [2013/07/30 15:30:26 | 000,173,255 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources [2013/07/30 15:30:26 | 000,171,308 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources [2013/07/30 15:30:26 | 000,170,949 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources [2013/07/30 15:30:26 | 000,170,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources [2013/07/30 15:30:26 | 000,169,419 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources [2013/07/30 15:30:26 | 000,168,766 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources [2013/07/30 15:30:26 | 000,168,624 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources [2013/07/30 15:30:26 | 000,168,145 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources [2013/07/30 15:30:26 | 000,167,827 | ---- | C] () -- 
C:\Windows\SysNative\Gfxres.nl-NL.resources [2013/07/30 15:30:26 | 000,167,279 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources [2013/07/30 15:30:26 | 000,166,207 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources [2013/07/30 15:30:26 | 000,166,115 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources [2013/07/30 15:30:26 | 000,165,888 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources [2013/07/30 15:30:26 | 000,165,805 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources [2013/07/30 15:30:26 | 000,165,389 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources [2013/07/30 15:30:26 | 000,164,428 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources [2013/07/30 15:30:26 | 000,161,093 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources [2013/07/30 15:30:26 | 000,160,055 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources [2013/07/30 15:30:26 | 000,159,440 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources [2013/07/30 15:30:26 | 000,154,905 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources [2013/07/30 15:30:26 | 000,148,171 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources [2013/07/30 15:30:26 | 000,146,480 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources [2013/07/30 15:30:26 | 000,044,025 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp [2013/07/30 15:30:26 | 000,043,816 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp [2013/07/30 15:30:26 | 000,043,494 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp [2013/07/30 15:30:26 | 000,043,298 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp [2013/07/30 15:30:26 | 000,043,256 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp [2013/07/30 15:30:26 | 000,042,079 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp [2013/07/30 15:30:26 | 000,017,502 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp [2013/07/30 15:30:26 | 000,001,125 | ---- | C] () -- 
C:\Windows\SysNative\iglhxa64.vp [2013/07/30 15:30:25 | 002,813,952 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa [2013/07/30 15:30:25 | 000,001,806 | ---- | C] () -- C:\Windows\SysNative\GfxUIEx.exe.config [2013/07/30 15:30:25 | 000,000,935 | ---- | C] () -- C:\Windows\SysNative\DPTopologyApp.exe.config [2013/07/30 15:30:25 | 000,000,935 | ---- | C] () -- C:\Windows\SysNative\CustomModeApp.exe.config [2013/07/30 15:30:25 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUIHotKeyMenu.exe.config [2013/07/30 14:58:19 | 002,526,590 | ---- | C] () -- C:\Users\Dirk\Documents\UX31AAS219.zip [2013/07/26 18:22:47 | 000,322,467 | ---- | C] () -- C:\Users\Dirk\Documents\TSCards_Aid.pdf [2013/07/17 19:54:24 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013/07/14 16:33:30 | 000,000,141 | ---- | C] () -- C:\Windows\spwdrp.INI [2013/07/14 14:48:16 | 000,412,912 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/04/16 20:36:41 | 000,000,106 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc [2013/04/16 10:45:06 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-DIESCHMIEDE-Microsoft-Windows-8-(64-Bit).dat [2012/12/27 22:04:54 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012/11/17 13:32:50 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2012/11/17 13:26:46 | 000,185,216 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.exe [2012/11/17 13:26:46 | 000,004,362 | ---- | C] () -- C:\Windows\SysWow64\dptfinvalidpolicyremover.ini [2012/09/27 07:24:41 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin [2012/09/27 07:24:26 | 019,586,560 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll [2012/09/27 07:24:24 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin [2012/08/17 02:52:29 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe [2012/08/17 02:52:28 | 000,000,217 | ---- | C] () -- C:\ProgramData\SetStretch.cmd [2012/07/26 
10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012/07/26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012/07/26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012/07/25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012/07/25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012/07/25 22:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012/07/25 22:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012/06/02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012/04/20 15:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2012/12/19 23:49:46 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = 
C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\Windows\SysWow64\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/12/17 20:19:20 | 000,000,000 | ---D | M] -- C:\Users\Dirk\AppData\Roaming\ASUS WebStorage [2013/07/31 08:16:36 | 000,000,000 | ---D | M] -- C:\Users\Dirk\AppData\Roaming\DAEMON Tools Lite [2013/07/31 09:24:24 | 000,000,000 | ---D | M] -- C:\Users\Dirk\AppData\Roaming\Dropbox [2013/04/16 10:05:22 | 000,000,000 | ---D | M] -- C:\Users\Dirk\AppData\Roaming\gSyncit [2013/06/26 22:18:15 | 000,000,000 | ---D | M] -- C:\Users\Dirk\AppData\Roaming\NuGet [2013/02/28 11:06:05 | 000,000,000 | ---D | M] -- C:\Users\Dirk\AppData\Roaming\SYNCING.NET [2013/07/30 22:23:05 | 000,000,000 | ---D | M] -- C:\Users\Dirk\AppData\Roaming\UseNeXT [2013/07/31 08:16:31 | 000,000,000 | ---D | M] -- C:\Users\Dirk\AppData\Roaming\uTorrent ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 3072 bytes -> C:\ProgramData\WinZipEC:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\WinZip:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Western Digital:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\USBChargerPlus:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\UAB:IMAT__DS_DIR_HDR @Alternate Data 
Stream - 3072 bytes -> C:\ProgramData\TEMP:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\StarApp:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Roaming:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\RELOADED:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\regid.1991-06.com.microsoft:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\PRICache:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\PC Drivers HeadQuarters:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Mozilla:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Professional:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\RegHunter:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 3:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCTGN:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Anti-Theft Service:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gSyncit:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverBoost:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Avira:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft SkyDrive:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft Help:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\McAfee:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Malwarebytes:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\lx_Cats:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Intel:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Intel.sav:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\HitmanPro:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\FolderView:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\DriverBoost:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\DAEMON Tools Lite:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\ChangeFolderView:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Avira:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\ASUSLogos:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\ASUS:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\ASUS WebStorage:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> 
C:\ProgramData\Apple:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Apple Computer:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\APN:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\Adobe:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\ProgramData:IMAT__DS_DIR_HDR @Alternate Data Stream - 3072 bytes -> C:\Program Files:IMAT__DS_DIR_HDR @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP5FBE8F9 < End of report >
There was no Extra report!!! Many thanks for the help, PropositionD |
31.07.2013, 08:48 | #2 |
/// the machine /// TB Trainer | Seth Avazutracking.net hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
31.07.2013, 09:13 | #3 |
| Seth Avazutracking.net Hello, and thanks for the quick help!
Unfortunately my PC always crashes when running FRST 64. (Switches off immediately!!!) |
31.07.2013, 10:54 | #4 |
/// the machine /// TB Trainer | Seth Avazutracking.net
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
31.07.2013, 10:59 | #5 |
| Seth Avazutracking.net Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03 Ran by Dirk at 2013-07-31 11:56:28 Running from C:\Users\Dirk\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= µTorrent (x32 Version: 3.3.0.29625) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Akamai NetSession Interface (HKCU) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) ASUS Smart Gesture (x32 Version: 1.0.32) ASUS USB Charger Plus (x32 Version: 2.1.4) Avira Free Antivirus (x32 Version: 13.0.0.3884) Bonjour (Version: 3.0.0.10) CCleaner (Version: 4.00) DAEMON Tools Lite (x32 Version: 4.47.1.0333) dows Driver Package - ASUS (ATP) Mouse (08/27/2012 1.0.0.125) (Version: 08/27/2012 1.0.0.125) DriverBoost (x32 Version: 8.1) Dropbox (HKCU Version: 2.0.22) gSyncit (Version: 3.6.139) Intel Anti-Theft Service (Version: 2.2.279.5) Intel PROSet Wireless Intel(R) Dynamic Platform and Thermal Framework (x32 Version: 6.0.5.1080) Intel(R) Management Engine Components (x32 Version: 8.1.0.1252) Intel(R) Processor Graphics (x32 Version: 9.18.10.3071) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.5.4.0423) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.6.1209.0268) Intel(R) Rapid Start Technology (x32 Version: 2.1.0.1002) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463) Intel(R) WiDi (Version: 3.5.34.0) Intel® PROSet/Wireless WiFi Software (Version: 15.05.4000.1515) Intel® Trusted Connect Service Client (Version: 1.24.388.1) iTunes (Version: 11.0.4.4) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Office 365 Home Premium - de-de (Version: 15.0.4517.1005) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SkyDrive 
(HKCU Version: 17.0.2011.0627) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Mozilla Maintenance Service (x32 Version: 22.0) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4517.1005) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4481.1510) Office 15 Click-to-Run Licensing Component (Version: 15.0.4481.1510) Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1005) Office 15 Click-to-Run Localization Component (Version: 15.0.4517.1005) Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4481.1510) PDF-XChange 3 Realtek High Definition Audio Driver (x32 Version: 6.0.1.6886) Realtek USB 2.0 Card Reader (x32 Version: 6.2.8400.39032) RegHunter (Version: 1.0.59.1480) Shared C Run-time for x64 (Version: 10.0.0) Should I Remove It (HKCU Version: 1.0.4) Should I Remove It (x32 Version: 1.0.4) SlimDrivers (x32 Version: 2.2.30877) Stellar Phoenix Windows Data Recovery - Professional (x32 Version: 6.0.0.0) Tinypic 3.18 (x32 Version: Tinypic 3.18) Tweaking.com - Windows Repair (All in One) (x32 Version: 1.9.15) UseNeXT by Tangysoft (x32) VLC media player 2.0.7 (x32 Version: 2.0.7) WinZip 16.0 (Version: 16.0.9715) ==================== Restore Points ========================= 31-07-2013 07:09:22 Removed Mindjet MindManager 2012. 
==================== Hosts content: ========================== 2012-07-26 07:26 - 2013-07-07 19:07 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {09934ED2-BE7F-40D0-8332-B053C3EEECAC} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2012-11-12] (PC Drivers Headquarters) Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {2353B327-C65F-4EFC-96DF-BB7EF62EED48} - System32\Tasks\WPD\SqmUpload_S-1-5-21-502259374-826088890-3482316187-500 => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {24E17DC9-4E02-4250-AC1F-4F940C51753E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {286195CD-D299-4A86-A050-6BC3D098C0D3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect 
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3034220B-EBFE-43FE-9CAE-D4525EC71A28} - System32\Tasks\DriverBoost-RTMRules => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2012-11-12] (PC Drivers Headquarters) Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {34E97044-C3B6-4F57-8C8B-BFF0434F20FB} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation) Task: {3566E118-6040-43F9-83C6-B46E85D0010C} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2012-11-12] (PC Drivers Headquarters) Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {4308D253-4419-49A5-84FC-C5A5FED71540} - System32\Tasks\RegHunterStartup => C:\Program Files\Enigma Software Group\RegHunter\RegHunter.exe [2011-08-30] (Enigma Software Group USA, LLC.) 
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {56F740BC-7530-4095-BD5C-562D32125576} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5E669804-3A5B-407D-A3A1-6E603CE1B05E} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2012-11-12] (PC Drivers Headquarters)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {63DD10C0-C3A6-4D57-ACA1-70E8017C16DC} - System32\Tasks\DriverBoost-RTMScan => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2012-11-12] (PC Drivers Headquarters)
Task: {69672394-E6FC-439A-BEF3-70765510A6BF} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7F62E4E6-0147-4136-A2B1-00FDE25C02A2} - System32\Tasks\DriverBoost-RTMUpdater => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2012-11-12] (PC Drivers Headquarters)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94A24447-B521-430C-A16C-FEE363BA51EA} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-502259374-826088890-3482316187-1001
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9E3B0FC0-9836-4259-A93E-55379E1E70A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-09] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB591A87-6B2B-41E4-B862-2972EEDBFAEC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-07-11] (Microsoft Corporation)
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B34F91B5-2923-4D02-AD42-05662B1223FB} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File
Task: {B3C13BF9-6350-4E35-9668-8E60F7FA9761} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C1ECA0F2-5507-434B-B59E-3C80A913ACD8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DIESCHMIEDE-Dirk DieSchmiede => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2013-07-11] (Microsoft Corporation)
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D06F3753-0DAF-4902-98A7-A7836E97C25D} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E1A66493-F379-4728-ABB7-5EDE7A3ECBD1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FAC56AE9-E0D0-4061-ADC1-F8D23C646995} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FF190D47-0945-48A2-8868-0D67AE5C4BCD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-28] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2013 11:13:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1328

Error: (07/31/2013 11:13:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1328

Error: (07/31/2013 11:13:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/31/2013 10:09:22 AM) (Source: DptfPolicyLpmServiceHelper) (User: )
Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

Error: (07/31/2013 10:09:22 AM) (Source: DptfPolicyLpmServiceHelper) (User: )
Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

Error: (07/31/2013 10:09:12 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax.

Error: (07/31/2013 09:23:47 AM) (Source: DptfPolicyLpmServiceHelper) (User: )
Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

Error: (07/31/2013 09:23:47 AM) (Source: DptfPolicyLpmServiceHelper) (User: )
Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

Error: (07/31/2013 09:23:39 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax.

Error: (07/31/2013 09:12:32 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

System errors:
=============
Error: (07/31/2013 10:08:59 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 31.07.2013 um 09:48:19 unerwartet heruntergefahren.

Error: (07/31/2013 09:23:20 AM) (Source: BugCheck) (User: )
Description: 0x00000124 (0x0000000000000000, 0xfffffa80045fe028, 0x00000000fe200000, 0x0000000000041136)C:\Windows\MEMORY.DMP073113-8750-01

Error: (07/31/2013 09:23:19 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 31.07.2013 um 09:02:53 unerwartet heruntergefahren.

Error: (07/31/2013 08:38:46 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (07/31/2013 08:38:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2147942487

Error: (07/31/2013 08:38:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%2147942487

Error: (07/31/2013 08:38:07 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/31/2013 08:37:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit dem folgenden dienstspezifischen Fehler beendet: %%2147749126

Error: (07/31/2013 08:37:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0

Error: (07/31/2013 08:37:55 AM) (Source: BugCheck) (User: )
Description: 0x00000124 (0x0000000000000000, 0xfffffa80047c9028, 0x00000000fe200000, 0x0000000000041136)C:\Windows\MEMORY.DMP073113-6312-01

Microsoft Office Sessions:
=========================
Error: (07/31/2013 11:13:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1328

Error: (07/31/2013 11:13:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1328

Error: (07/31/2013 11:13:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/31/2013 10:09:22 AM) (Source: DptfPolicyLpmServiceHelper)(User: )
Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

Error: (07/31/2013 10:09:22 AM) (Source: DptfPolicyLpmServiceHelper)(User: )
Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

Error: (07/31/2013 10:09:12 AM) (Source: SideBySide)(User: )
Description: C:\Users\Dirk\Documents\Writemonkey\WriteMonkey.exe.ManifestC:\Users\Dirk\Documents\Writemonkey\WriteMonkey.exe.Config0

Error: (07/31/2013 09:23:47 AM) (Source: DptfPolicyLpmServiceHelper)(User: )
Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

Error: (07/31/2013 09:23:47 AM) (Source: DptfPolicyLpmServiceHelper)(User: )
Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

Error: (07/31/2013 09:23:39 AM) (Source: SideBySide)(User: )
Description: C:\Users\Dirk\Documents\Writemonkey\WriteMonkey.exe.ManifestC:\Users\Dirk\Documents\Writemonkey\WriteMonkey.exe.Config0

Error: (07/31/2013 09:12:32 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 3981.91 MB
Available physical RAM: 1975.49 MB
Total Pagefile: 8077.91 MB
Available Pagefile: 5882.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:94.23 GB) (Free:17.67 GB) NTFS (Disk=0 Partition=4) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119 GB) (Disk ID: 7DC96B9E)
Partition: GPT Partition Type

==================== End Of Log ============================

FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03
Ran by Dirk (administrator) on 31-07-2013 11:55:51
Running from C:\Users\Dirk\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\system32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Windows\system32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
( ) C:\Windows\system32\lxebcoms.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCoreService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft) C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(McAfee, Inc.) C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCore.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Fieldston Software) C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Akamai Technologies, Inc.) C:\Users\Dirk\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Dirk\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Farbar) C:\Users\Dirk\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] ()
HKLM\...\Run: [ASUSQuickGesture(x86)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp [x]
HKLM\...\Run: [MfeFfCore] - C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCore.exe [399176 2012-02-13] (McAfee, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2000-01-01] (Realtek Semiconductor)
HKLM\...\InprocServer32: [Default-cscui] <==== ATTENTION!
HKCU\...\Run: [DriverBoost] - C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [3537336 2012-11-12] (PC Drivers Headquarters)
HKCU\...\Run: [Driver Detective] - C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [3537336 2012-11-12] (PC Drivers Headquarters)
HKCU\...\Run: [gSyncit] - C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe [166592 2013-04-08] (Fieldston Software)
HKCU\...\Run: [SkyDrive] - C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-07-02] (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Dirk\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
MountPoints2: {4a2d34d9-5135-11e2-be75-b92e64a0587f} - "D:\KoDP.exe" autorun
MountPoints2: {ac1082d3-c4c0-11e2-be8f-972169402560} - "E:\LaunchU3.exe" -a
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-10-07] (McAfee, Inc.)
HKLM-x32\...\Run: [ATUninstallIcon] - C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe [511232 2013-04-23] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [MetroTileShortcut] - C:\Program Files\McAfeeAntiTheft\2.2.279.5\McATUIHost.exe [1120992 2013-07-04] (McAfee, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-31] (Avira Operations GmbH & Co. KG)
AppInit_DLLs: C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\ImatSup.dll [61688 2013-06-21] ()
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {6BEA9054-A753-42D6-820C-E98B0EEB4549} URL = hxxp://searchou.com/?q={searchTerms}&id=de4edb83000000000000c4850842806b&r=234
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6BEA9054-A753-42D6-820C-E98B0EEB4549} URL = hxxp://searchou.com/?q={searchTerms}&id=de4edb83000000000000c4850842806b&r=234
BHO: ASUS Browser Extension x64 - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {0C9F4179-A319-4c6a-A3E5-67FF3592A12E} - No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: ipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\2acnq9pm.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.teamliquid.net/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\2acnq9pm.default\Extensions\protectme@protectme.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File
CHR Extension: (Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-31] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-26] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 lxeb_device; C:\Windows\system32\lxebcoms.exe [1052328 2010-04-14] ( )
R2 McATScheduler; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 MfeFfCoreService; C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCoreService.exe [205128 2012-02-13] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
R2 Time; C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe [10752 2013-07-04] (Microsoft)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-07-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-07-31] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [115400 2013-06-24] (ASIX Electronics Corp.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [30720 2013-02-02] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-04] (DT Soft Ltd)
R1 ImatDisk; C:\Windows\system32\DRIVERS\ImatDisk.sys [16360 2013-06-21] (McAfee, Inc.)
R1 ImatDmk; C:\Windows\System32\DRIVERS\ImatDmk.sys [505576 2013-06-21] (McAfee, Inc.)
R1 ImatDs; C:\Windows\System32\DRIVERS\ImatDs.sys [206424 2013-06-21] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R1 MfeEEFF; C:\Windows\System32\DRIVERS\MfeEEFF.sys [307888 2013-06-21] (McAfee, Inc.)
R1 MfeEEFFV; C:\Windows\System32\DRIVERS\MfeEEFFV.sys [67880 2013-06-21] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4293672 2012-09-13] (Intel Corporation)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2000-01-01] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 cpuz135; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
U0 msahci;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-31 11:55 - 2013-07-31 11:55 - 01781589 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64(1).exe
2013-07-31 10:08 - 2013-07-31 10:08 - 00000000 ____D C:\FRST
2013-07-31 10:07 - 2013-07-31 10:07 - 01781589 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64.exe
2013-07-31 09:35 - 2013-07-31 09:35 - 00175862 _____ C:\Users\Dirk\Downloads\OTL.Txt
2013-07-31 09:23 - 2013-07-31 09:23 - 821139852 _____ C:\Windows\MEMORY.DMP
2013-07-31 09:23 - 2013-07-31 09:23 - 00285840 _____ C:\Windows\Minidump\073113-8750-01.dmp
2013-07-31 08:37 - 2013-07-31 08:37 - 00290256 _____ C:\Windows\Minidump\073113-6312-01.dmp
2013-07-31 08:36 - 2013-07-31 08:36 - 00377856 _____ C:\Users\Dirk\Downloads\gmer_2.1.19163.exe
2013-07-31 08:34 - 2013-07-31 09:29 - 00000470 _____ C:\Users\Dirk\Downloads\defogger_disable.log
2013-07-31 08:34 - 2013-07-31 08:34 - 00602112 _____ (OldTimer Tools) C:\Users\Dirk\Downloads\OTL.exe
2013-07-31 08:34 - 2013-07-31 08:34 - 00000168 _____ C:\Users\Dirk\defogger_reenable
2013-07-31 08:33 - 2013-07-31 08:33 - 00050477 _____ C:\Users\Dirk\Downloads\Defogger.exe
2013-07-31 08:21 - 2013-07-31 08:21 - 00043714 _____ C:\Users\Dirk\Documents\cc_20130731_082047.reg
2013-07-31 08:16 - 2013-07-31 08:16 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Avira
2013-07-31 08:10 - 2013-07-31 08:18 - 00001092 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\ProgramData\Avira
2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\ProgramData\APN
2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-31 08:08 - 2013-07-31 08:07 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-31 08:08 - 2013-07-31 08:07 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-31 08:08 - 2013-07-31 08:07 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-31 08:08 - 2013-07-31 08:07 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-31 08:04 - 2013-07-31 08:04 - 02092792 _____ C:\Users\Dirk\Downloads\avira_free_antivirus.exe
2013-07-30 21:07 - 2013-07-30 21:07 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-07-30 21:03 - 2013-07-30 21:07 - 00000000 ____D C:\ProgramData\HitmanPro
2013-07-30 21:03 - 2013-07-30 21:03 - 09833328 _____ (SurfRight B.V.) C:\Users\Dirk\Downloads\HitmanPro_x64.exe
2013-07-30 17:27 - 2013-07-30 17:28 - 00000000 ____D C:\Users\Dirk\Downloads\Systema
2013-07-30 17:26 - 2013-07-30 17:26 - 00000000 ____D C:\Users\Dirk\Downloads\Bleak House
2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Malwarebytes
2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-30 15:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-30 15:40 - 2013-07-30 15:40 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-30 15:40 - 2000-01-01 02:00 - 22429696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-07-30 15:40 - 2000-01-01 02:00 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 04816664 _____ (ASUSTeKcomputer.Inc) C:\Windows\system32\RTKSMlfx.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 03355336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-07-30 15:40 - 2000-01-01 02:00 - 03180912 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-07-30 15:40 - 2000-01-01 02:00 - 02802760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-07-30 15:40 - 2000-01-01 02:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01003080 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00912432 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00834328 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00746840 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00635160 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00528152 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00518896 _____ (SRS Labs, Inc.)
C:\Windows\system32\SRSTSX64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00465645 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2013-07-30 15:40 - 2000-01-01 02:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00221024 _____ (Synopsys, Inc.) 
C:\Windows\system32\SFNHK64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00215320 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00138824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00078680 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RTEEG64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2013-07-30 15:38 - 2000-01-01 02:00 - 00019600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtcrfilt64.sys 2013-07-30 15:38 - 2000-01-01 02:00 - 00014480 _____ C:\Windows\system32\rtcrco.dll 2013-07-30 15:32 - 2013-02-25 07:22 - 00024576 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-07-30 15:31 - 2013-07-30 15:31 - 00000000 ____D C:\Windows\LastGood.Tmp 2013-07-30 15:30 - 2000-01-01 02:00 - 24283136 _____ C:\Windows\system32\igdfcl64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 09802240 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 09362944 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 08647680 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 07861760 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 07558640 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 07093248 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 05528576 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 04534784 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2013-07-30 15:30 - 2000-01-01 02:00 - 04359168 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 03988480 _____ 
(Microsoft) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 03401728 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa 2013-07-30 15:30 - 2000-01-01 02:00 - 02384896 _____ C:\Windows\system32\GfxRes.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 01758208 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00861184 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00856576 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00745968 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00534000 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00529392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2013-07-30 15:30 - 2000-01-01 02:00 
- 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys 2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441840 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2013-07-30 
15:30 - 2000-01-01 02:00 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00432640 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00430592 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00407536 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00397808 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00357888 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00348160 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00322560 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00286720 _____ C:\Windows\system32\igdde64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00258560 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 
2013-07-30 15:30 - 2000-01-01 02:00 - 00256973 _____ C:\Windows\system32\Gfxres.th-TH.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00250864 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00243062 _____ C:\Windows\system32\Gfxres.el-GR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00240640 _____ C:\Windows\SysWOW64\igdde32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00225909 _____ C:\Windows\system32\Gfxres.ru-RU.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00192779 _____ C:\Windows\system32\Gfxres.ar-SA.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00191488 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00189982 _____ C:\Windows\system32\Gfxres.ja-JP.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00184704 _____ C:\Windows\system32\Gfxres.he-IL.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00173641 _____ C:\Windows\system32\Gfxres.it-IT.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00173255 _____ C:\Windows\system32\Gfxres.ko-KR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00171308 _____ C:\Windows\system32\Gfxres.es-ES.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00170949 _____ C:\Windows\system32\Gfxres.fr-FR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00170868 _____ C:\Windows\system32\Gfxres.de-DE.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00169419 _____ C:\Windows\system32\Gfxres.ro-RO.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00168766 _____ C:\Windows\system32\Gfxres.tr-TR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00168624 _____ C:\Windows\system32\Gfxres.hu-HU.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 
00168145 _____ C:\Windows\system32\Gfxres.pl-PL.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00167827 _____ C:\Windows\system32\Gfxres.nl-NL.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00167279 _____ C:\Windows\system32\Gfxres.pt-BR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00166207 _____ C:\Windows\system32\Gfxres.fi-FI.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00166115 _____ C:\Windows\system32\Gfxres.sk-SK.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00165888 _____ C:\Windows\system32\Gfxres.pt-PT.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00165872 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00165805 _____ C:\Windows\system32\Gfxres.sv-SE.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00165389 _____ C:\Windows\system32\Gfxres.cs-CZ.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00164428 _____ C:\Windows\system32\Gfxres.hr-HR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00161093 _____ C:\Windows\system32\Gfxres.sl-SI.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00160055 _____ C:\Windows\system32\Gfxres.nb-NO.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00159440 _____ C:\Windows\system32\Gfxres.da-DK.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00154905 _____ C:\Windows\system32\Gfxres.en-US.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00148171 _____ C:\Windows\system32\Gfxres.zh-TW.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00146480 _____ C:\Windows\system32\Gfxres.zh-CN.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00140288 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00124928 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2013-07-30 15:30 - 2000-01-01 02:00 - 00117760 _____ C:\Windows\system32\igdail64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00109056 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3071.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00103936 _____ 
C:\Windows\SysWOW64\igdail32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00044025 _____ C:\Windows\system32\iglhxo64.vp 2013-07-30 15:30 - 2000-01-01 02:00 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp 2013-07-30 15:30 - 2000-01-01 02:00 - 00043494 _____ C:\Windows\system32\iglhxc64.vp 2013-07-30 15:30 - 2000-01-01 02:00 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp 2013-07-30 15:30 - 2000-01-01 02:00 - 00043256 _____ C:\Windows\system32\iglhxg64.vp 2013-07-30 15:30 - 2000-01-01 02:00 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp 2013-07-30 15:30 - 2000-01-01 02:00 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00017502 _____ C:\Windows\system32\iglhxs64.vp 2013-07-30 15:30 - 2000-01-01 02:00 - 00015360 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00001125 _____ C:\Windows\system32\iglhxa64.vp 2013-07-30 15:26 - 2013-07-30 15:26 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers 2013-07-30 15:26 - 2013-07-30 15:26 - 00000000 ____D C:\Users\Dirk\AppData\Local\SlimWare Utilities Inc 2013-07-30 14:58 - 2013-07-30 14:58 - 02526590 _____ C:\Users\Dirk\Documents\UX31AAS219.zip 2013-07-30 14:53 - 2013-07-30 14:53 - 00017408 ___SH C:\Users\Dirk\Documents\Thumbs.db 2013-07-30 14:52 - 2013-07-30 14:58 - 00000000 ____D C:\Users\Dirk\AppData\Local\Akamai 2013-07-30 14:01 - 2013-06-21 03:09 - 00505576 _____ (McAfee, Inc.) 
C:\Windows\system32\Drivers\ImatDmk.sys 2013-07-30 14:01 - 2013-06-21 03:09 - 00307888 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\MfeEEFF.sys 2013-07-30 14:01 - 2013-06-21 03:09 - 00206424 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\ImatDs.sys 2013-07-30 14:01 - 2013-06-21 03:09 - 00067880 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\MfeEEFFV.sys 2013-07-30 14:01 - 2013-06-21 03:09 - 00016360 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\ImatDisk.sys 2013-07-30 14:00 - 2013-07-30 14:01 - 00000000 ____D C:\Users\Default\AppData\Roaming\IMAT 2013-07-30 14:00 - 2013-07-30 14:01 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IMAT 2013-07-30 13:55 - 2013-07-30 14:00 - 00000000 ____D C:\Program Files\McAfeeAntiTheft 2013-07-30 13:55 - 2013-07-30 13:55 - 00000000 ____D C:\Program Files\Common Files\McAfeeAntiTheft 2013-07-29 20:22 - 2013-07-29 04:29 - 480515936 _____ C:\Users\Dirk\Downloads\Title.S06e07.HDTV.x264-2HD.mp4 2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-07-29 13:41 - 2013-07-30 17:24 - 00000000 ____D C:\Users\Dirk\Downloads\Systema - Val Riazanov - Ballistic Striking 2013-07-29 11:14 - 2013-07-29 11:14 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It 2013-07-29 11:14 - 2013-07-29 11:14 - 00000000 ____D C:\Program Files (x86)\Reason 2013-07-29 10:25 - 2013-07-29 11:14 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2013-07-28 21:57 - 2013-07-25 21:09 - 551114165 _____ C:\Users\Dirk\Downloads\True Blood S06e06.mp4 2013-07-28 21:47 - 2013-07-27 13:45 - 397154176 _____ C:\Users\Dirk\Downloads\luther.S03E04.mp4 2013-07-27 10:36 - 2013-07-27 10:43 - 00002234 _____ C:\ProgramData\lxebJSW.log 2013-07-27 00:31 - 2013-07-27 10:30 - 00000000 ____D C:\Users\Dirk\Downloads\Breaking Bad season 3 2013-07-23 09:50 - 2010-12-04 19:14 - 733900800 
_____ C:\Users\Dirk\Downloads\Shaun das Schaaf - Die Schlammschlacht.avi 2013-07-23 09:45 - 2013-07-30 17:27 - 00000000 ____D C:\Users\Dirk\Downloads\wizard 2013-07-23 09:14 - 2013-07-28 16:31 - 00000000 ____D C:\Users\Dirk\Desktop\Bayreuth 2013-07-21 21:35 - 2013-07-30 17:29 - 00000000 ____D C:\Users\Dirk\Downloads\Homicide 2013-07-18 20:27 - 2013-07-18 20:50 - 1661405712 _____ C:\Users\Dirk\Downloads\the act of killing.m4v 2013-07-18 09:03 - 2013-07-18 09:03 - 00000000 ____D C:\Windows\system32\MRT 2013-07-17 19:54 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2013-07-17 19:54 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2013-07-17 19:54 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2013-07-17 19:54 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-07-17 19:54 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2013-07-17 19:54 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS 2013-07-17 19:54 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-07-17 19:54 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2013-07-17 19:54 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2013-07-17 19:54 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-07-17 19:54 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2013-07-17 19:54 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2013-07-17 19:54 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2013-07-17 19:54 - 
2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2013-07-17 19:54 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2013-07-17 19:54 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe 2013-07-17 19:54 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2013-07-17 19:54 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-07-17 19:54 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll 2013-07-17 19:54 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe 2013-07-17 19:54 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2013-07-17 19:54 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2013-07-17 19:54 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2013-07-17 19:54 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2013-07-17 19:54 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2013-07-17 19:54 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2013-07-17 19:54 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2013-07-17 19:54 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll 2013-07-17 19:54 - 2013-06-01 05:08 - 00117632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2DP.sys 2013-07-17 19:54 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2013-07-17 19:54 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2013-07-17 19:54 - 
2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2013-07-17 19:54 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2013-07-17 19:54 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml 2013-07-17 19:46 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2013-07-14 16:33 - 2013-07-14 17:15 - 00000141 _____ C:\Windows\spwdrp.INI 2013-07-14 16:33 - 2013-07-14 17:15 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery 2013-07-14 16:33 - 2012-12-06 11:27 - 06131200 _____ (Advanced Messaging Systems LLC) C:\Windows\SysWOW64\PhoenixDll.dll 2013-07-14 16:33 - 2012-12-04 21:29 - 00791680 _____ (Advanced Messaging Systems LLC) C:\Windows\SysWOW64\StellarProfile.dll 2013-07-14 14:48 - 2013-07-31 09:23 - 00412912 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\ProgramData\Western Digital 2013-07-10 23:20 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-10 23:20 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-10 23:20 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-10 23:20 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-10 23:20 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-10 23:19 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-10 23:19 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-10 23:19 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-10 23:19 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 
2013-07-10 23:19 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-10 23:19 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-10 23:19 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-10 23:19 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-10 23:19 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-10 23:19 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-10 23:19 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-10 23:19 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-10 23:18 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2013-07-10 23:18 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-10 23:18 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-07-10 23:18 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-07-10 23:18 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-07-10 23:13 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-10 23:13 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-04 21:19 - 2013-07-31 10:40 - 01513323 _____ C:\Windows\WindowsUpdate.log 2013-07-04 20:28 - 2013-07-04 20:28 - 00000000 ____D C:\Users\Public\Anvisoft 2013-07-04 20:09 - 2013-07-07 17:04 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft 2013-07-04 20:09 - 2013-07-07 17:04 - 00000000 ____D C:\Program Files 
(x86)\Anvisoft
2013-07-04 09:42 - 2013-07-07 17:10 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-04 09:42 - 2013-07-07 17:10 - 00000000 ____D C:\Program Files\iTunes
2013-07-04 09:42 - 2013-07-07 17:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-04 09:42 - 2013-07-07 17:09 - 00000000 ____D C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2013-07-31 11:55 - 2013-07-31 11:55 - 01781589 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64(1).exe
2013-07-31 11:47 - 2012-12-27 15:11 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\vlc
2013-07-31 11:19 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-31 11:18 - 2012-12-19 22:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-31 11:15 - 2013-03-04 18:37 - 00000000 ____D C:\Users\Dirk\Documents\Outlook-Dateien
2013-07-31 11:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-31 10:40 - 2013-07-04 21:19 - 01513323 _____ C:\Windows\WindowsUpdate.log
2013-07-31 10:20 - 2013-06-04 08:48 - 00005144 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DIESCHMIEDE-Dirk DieSchmiede
2013-07-31 10:13 - 2012-08-03 01:02 - 00760560 _____ C:\Windows\system32\perfh007.dat
2013-07-31 10:13 - 2012-08-03 01:02 - 00158770 _____ C:\Windows\system32\perfc007.dat
2013-07-31 10:13 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-31 10:10 - 2013-04-08 16:01 - 00000000 ___RD C:\Users\Dirk\SkyDrive
2013-07-31 10:10 - 2012-12-19 22:39 - 00000000 ___RD C:\Users\Dirk\Dropbox
2013-07-31 10:10 - 2012-12-19 22:34 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Dropbox
2013-07-31 10:09 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-31 10:08 - 2013-07-31 10:08 - 00000000 ____D C:\FRST
2013-07-31 10:07 - 2013-07-31 10:07 - 01781589 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64.exe
2013-07-31 09:43 - 2012-12-17 20:33 - 00003596 _____
C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-502259374-826088890-3482316187-1001 2013-07-31 09:35 - 2013-07-31 09:35 - 00175862 _____ C:\Users\Dirk\Downloads\OTL.Txt 2013-07-31 09:29 - 2013-07-31 08:34 - 00000470 _____ C:\Users\Dirk\Downloads\defogger_disable.log 2013-07-31 09:23 - 2013-07-31 09:23 - 821139852 _____ C:\Windows\MEMORY.DMP 2013-07-31 09:23 - 2013-07-31 09:23 - 00285840 _____ C:\Windows\Minidump\073113-8750-01.dmp 2013-07-31 09:23 - 2013-07-14 14:48 - 00412912 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-31 09:23 - 2012-12-17 21:42 - 00000000 ____D C:\Windows\Minidump 2013-07-31 08:37 - 2013-07-31 08:37 - 00290256 _____ C:\Windows\Minidump\073113-6312-01.dmp 2013-07-31 08:36 - 2013-07-31 08:36 - 00377856 _____ C:\Users\Dirk\Downloads\gmer_2.1.19163.exe 2013-07-31 08:34 - 2013-07-31 08:34 - 00602112 _____ (OldTimer Tools) C:\Users\Dirk\Downloads\OTL.exe 2013-07-31 08:34 - 2013-07-31 08:34 - 00000168 _____ C:\Users\Dirk\defogger_reenable 2013-07-31 08:34 - 2012-12-17 20:16 - 00000000 ____D C:\Users\Dirk 2013-07-31 08:33 - 2013-07-31 08:33 - 00050477 _____ C:\Users\Dirk\Downloads\Defogger.exe 2013-07-31 08:21 - 2013-07-31 08:21 - 00043714 _____ C:\Users\Dirk\Documents\cc_20130731_082047.reg 2013-07-31 08:18 - 2013-07-31 08:10 - 00001092 _____ C:\Windows\SysWOW64\bufferpool.txt 2013-07-31 08:16 - 2013-07-31 08:16 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Avira 2013-07-31 08:16 - 2013-02-06 21:54 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\uTorrent 2013-07-31 08:16 - 2013-01-02 11:47 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\DAEMON Tools Lite 2013-07-31 08:10 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI 2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\ProgramData\Avira 2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\ProgramData\APN 2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\Program Files (x86)\Avira 2013-07-31 08:07 - 2013-07-31 08:08 - 00130016 _____ (Avira Operations 
GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-07-31 08:07 - 2013-07-31 08:08 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-07-31 08:07 - 2013-07-31 08:08 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-07-31 08:07 - 2013-07-31 08:08 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-07-31 08:04 - 2013-07-31 08:04 - 02092792 _____ C:\Users\Dirk\Downloads\avira_free_antivirus.exe 2013-07-30 22:23 - 2013-02-06 21:17 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\UseNeXT 2013-07-30 21:07 - 2013-07-30 21:07 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2013-07-30 21:07 - 2013-07-30 21:03 - 00000000 ____D C:\ProgramData\HitmanPro 2013-07-30 21:03 - 2013-07-30 21:03 - 09833328 _____ (SurfRight B.V.) C:\Users\Dirk\Downloads\HitmanPro_x64.exe 2013-07-30 17:29 - 2013-07-21 21:35 - 00000000 ____D C:\Users\Dirk\Downloads\Homicide 2013-07-30 17:28 - 2013-07-30 17:27 - 00000000 ____D C:\Users\Dirk\Downloads\Systema 2013-07-30 17:27 - 2013-07-23 09:45 - 00000000 ____D C:\Users\Dirk\Downloads\wizard 2013-07-30 17:26 - 2013-07-30 17:26 - 00000000 ____D C:\Users\Dirk\Downloads\Bleak House 2013-07-30 17:24 - 2013-07-29 13:41 - 00000000 ____D C:\Users\Dirk\Downloads\Systema - Val Riazanov - Ballistic Striking 2013-07-30 17:24 - 2013-02-15 15:20 - 00376320 ___SH C:\Users\Dirk\Downloads\Thumbs.db 2013-07-30 16:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Malwarebytes 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-30 15:40 - 2013-07-30 15:40 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-07-30 15:40 - 2012-11-17 13:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield 
Installation Information 2013-07-30 15:39 - 2012-11-17 13:25 - 00016258 _____ C:\Windows\system32\results.xml 2013-07-30 15:38 - 2012-11-17 13:29 - 00000000 ____D C:\Windows\SysWOW64\sda 2013-07-30 15:38 - 2012-11-17 13:27 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-07-30 15:31 - 2013-07-30 15:31 - 00000000 ____D C:\Windows\LastGood.Tmp 2013-07-30 15:31 - 2012-11-17 13:24 - 00000000 ____D C:\Program Files\Common Files\Intel 2013-07-30 15:31 - 2012-11-17 13:23 - 00000000 ____D C:\Program Files (x86)\Intel 2013-07-30 15:26 - 2013-07-30 15:26 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers 2013-07-30 15:26 - 2013-07-30 15:26 - 00000000 ____D C:\Users\Dirk\AppData\Local\SlimWare Utilities Inc 2013-07-30 14:58 - 2013-07-30 14:58 - 02526590 _____ C:\Users\Dirk\Documents\UX31AAS219.zip 2013-07-30 14:58 - 2013-07-30 14:52 - 00000000 ____D C:\Users\Dirk\AppData\Local\Akamai 2013-07-30 14:53 - 2013-07-30 14:53 - 00017408 ___SH C:\Users\Dirk\Documents\Thumbs.db 2013-07-30 14:53 - 2013-04-09 12:35 - 00000000 ____D C:\Users\Dirk\Documents\Dungeon_World 2013-07-30 14:35 - 2013-03-28 13:56 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-07-30 14:01 - 2013-07-30 14:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\IMAT 2013-07-30 14:01 - 2013-07-30 14:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IMAT 2013-07-30 14:01 - 2013-03-28 13:56 - 00000000 ____D C:\Program Files\McAfee 2013-07-30 14:00 - 2013-07-30 13:55 - 00000000 ____D C:\Program Files\McAfeeAntiTheft 2013-07-30 13:55 - 2013-07-30 13:55 - 00000000 ____D C:\Program Files\Common Files\McAfeeAntiTheft 2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-07-29 11:14 - 2013-07-29 11:14 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It 2013-07-29 11:14 - 2013-07-29 11:14 - 00000000 ____D 
C:\Program Files (x86)\Reason 2013-07-29 11:14 - 2013-07-29 10:25 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2013-07-29 04:29 - 2013-07-29 20:22 - 480515936 _____ C:\Users\Dirk\Downloads\Title.S06e07.HDTV.x264-2HD.mp4 2013-07-28 16:44 - 2012-12-25 10:26 - 00000000 ____D C:\Users\Dirk\AppData\Local\Adobe 2013-07-28 16:44 - 2012-12-19 22:02 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-07-28 16:43 - 2013-04-08 19:10 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-07-28 16:31 - 2013-07-23 09:14 - 00000000 ____D C:\Users\Dirk\Desktop\Bayreuth 2013-07-27 13:45 - 2013-07-28 21:47 - 397154176 _____ C:\Users\Dirk\Downloads\luther.S03E04.mp4 2013-07-27 11:12 - 2012-12-17 20:17 - 00000000 ____D C:\Users\Dirk\AppData\Local\Packages 2013-07-27 10:43 - 2013-07-27 10:36 - 00002234 _____ C:\ProgramData\lxebJSW.log 2013-07-27 10:36 - 2013-06-06 15:29 - 00000000 ____D C:\ProgramData\lx_Cats 2013-07-27 10:30 - 2013-07-27 00:31 - 00000000 ____D C:\Users\Dirk\Downloads\Breaking Bad season 3 2013-07-26 23:52 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-07-25 21:09 - 2013-07-28 21:57 - 551114165 _____ C:\Users\Dirk\Downloads\True Blood S06e06.mp4 2013-07-18 20:50 - 2013-07-18 20:27 - 1661405712 _____ C:\Users\Dirk\Downloads\the act of killing.m4v 2013-07-18 09:04 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe 2013-07-18 09:03 - 2013-07-18 09:03 - 00000000 ____D C:\Windows\system32\MRT 2013-07-14 17:15 - 2013-07-14 16:33 - 00000141 _____ C:\Windows\spwdrp.INI 2013-07-14 17:15 - 2013-07-14 16:33 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\ProgramData\Western Digital 2013-07-11 12:26 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-07 19:09 - 2013-04-16 10:26 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-07-07 19:07 - 2012-07-26 07:26 - 00000306 _____ C:\Windows\win.ini 
2013-07-07 17:10 - 2013-07-04 09:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-07-07 17:10 - 2013-07-04 09:42 - 00000000 ____D C:\Program Files\iTunes 2013-07-07 17:10 - 2013-07-04 09:42 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-07-07 17:10 - 2013-06-28 22:44 - 00000000 ____D C:\Program Files (x86)\Desk 365 2013-07-07 17:10 - 2013-05-26 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-07 17:10 - 2013-01-28 12:18 - 00000000 ____D C:\Users\Administrator 2013-07-07 17:10 - 2013-01-02 21:01 - 00000000 ____D C:\Users\Dirk\Documents\WinFlash_Win8_64_Z2411 2013-07-07 17:10 - 2013-01-02 11:45 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-07-07 17:10 - 2012-12-26 17:30 - 00000000 ____D C:\Users\Dirk\AppData\Local\Studio_pomaranča_d.o.o__O 2013-07-07 17:10 - 2012-12-23 23:37 - 00000000 ____D C:\Users\Dirk\Documents\Writemonkey 2013-07-07 17:10 - 2012-12-19 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-07 17:10 - 2012-12-17 20:18 - 00000000 ___RD C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\registration 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2013-07-07 17:10 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-07-07 17:10 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep 2013-07-07 17:10 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism 2013-07-07 17:10 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing 2013-07-07 17:09 - 2013-07-04 09:42 - 00000000 ____D C:\Program Files\iPod 2013-07-07 17:09 - 2013-06-26 21:27 - 00000000 ____D 
C:\Users\Dirk\Documents\OCTGN 2013-07-07 17:09 - 2013-04-16 08:43 - 00000000 __RHD C:\MSOCache 2013-07-07 17:09 - 2013-03-10 08:47 - 00000000 ____D C:\ProgramData\Apple Computer 2013-07-07 17:09 - 2012-12-19 11:01 - 00000000 ____D C:\Users\Dirk\AppData\Local\Mozilla 2013-07-07 17:04 - 2013-07-04 20:09 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft 2013-07-07 17:04 - 2013-07-04 20:09 - 00000000 ____D C:\Program Files (x86)\Anvisoft 2013-07-07 17:04 - 2013-06-16 21:07 - 00000000 ____D C:\Users\Dirk\AppData\Local\Google 2013-07-04 20:29 - 2012-08-03 00:24 - 00000000 ____D C:\Windows\Panther 2013-07-04 20:28 - 2013-07-04 20:28 - 00000000 ____D C:\Users\Public\Anvisoft 2013-07-02 10:26 - 2013-04-08 16:01 - 00002281 _____ C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk Files to move or delete: ==================== C:\ProgramData\SetStretch.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-31 03:00 ==================== End Of Log ============================ |
31.07.2013, 11:51 | #6 |
/// the machine /// TB-Ausbilder | Seth Avazutracking.net Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
And a fresh FRST log, please.
31.07.2013, 12:35 | #7 |
| Seth Avazutracking.net Malwarebytes: Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.07.31.03
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Dirk :: DIESCHMIEDE [limitiert]
31/07/2013 13:03:31
mbam-log-2013-07-31 (13-03-31).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 244047
Laufzeit: 2 Minute(n), 21 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Users\Dirk\AppData\Local\Temp\OuHJAjOt.exe.part (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 31/07/2013 um 13:15:31 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzer : Dirk - DIESCHMIEDE
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Dirk\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Program Files (x86)\Desk 365
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\Users\Dirk\AppData\Local\Temp\APN
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\2acnq9pm.default\prefs.js
Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
-\\ Google Chrome v [Version kann nicht ermittelt werden]
Datei : C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [37835 octets] - [28/06/2013 22:48:25]
AdwCleaner[S1].txt - [478 octets] - [28/06/2013 22:48:51]
AdwCleaner[S2].txt - [36963 octets] - [28/06/2013 23:10:13]
AdwCleaner[S3].txt - [1245 octets] - [31/07/2013 13:15:31]
########## EOF - C:\AdwCleaner[S3].txt - [1305 octets] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Windows 8 x64
Ran by Dirk on 31/07/2013 at 13:22:56.96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a0b10ebe-4e51-4cae-949b-e6b9e7d68cea}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{bb975e58-e769-4e5a-ba12-b765bc559ff3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6BEA9054-A753-42D6-820C-E98B0EEB4549}
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ FireFox
Successfully deleted the following from C:\Users\Dirk\AppData\Roaming\mozilla\firefox\profiles\2acnq9pm.default\prefs.js
user_pref("extensions.privitize.admin", false);
user_pref("extensions.privitize.aflt", "orgnl");
user_pref("extensions.privitize.appId", "{301966DF-A84B-4255-AAB9-574B5CE237E4}");
user_pref("extensions.privitize.autoRvrt", "false");
user_pref("extensions.privitize.dfltLng", "");
user_pref("extensions.privitize.dfltSrch", true);
user_pref("extensions.privitize.dnsErr", true);
user_pref("extensions.privitize.dspFFXOld", "Google");
user_pref("extensions.privitize.excTlbr", true);
user_pref("extensions.privitize.ffxUnstlRst", false);
user_pref("extensions.privitize.hmpg", true);
user_pref("extensions.privitize.hmpgUrl", "hxxp://searchou.com/?id=de4edb83000000000000c4850842806b");
user_pref("extensions.privitize.hpOld0", "hxxp://www.teamliquid.net/");
user_pref("extensions.privitize.id", "de4edb83000000000000c4850842806b");
user_pref("extensions.privitize.instlDay", "15872");
user_pref("extensions.privitize.instlRef", "");
user_pref("extensions.privitize.kw_url", "hxxp://searchou.com/?q={searchTerms}&id=de4edb83000000000000c4850842806b");
user_pref("extensions.privitize.lastB", "hxxp://searchou.com/?id=de4edb83000000000000c4850842806b");
user_pref("extensions.privitize.lastVrsnTs", "1.8.16.2221:06:38");
user_pref("extensions.privitize.newTab", true);
user_pref("extensions.privitize.newTabUrl", "hxxp://searchou.com/?id=de4edb83000000000000c4850842806b");
user_pref("extensions.privitize.prdct", "privitize");
user_pref("extensions.privitize.prtnrId", "privitize");
user_pref("extensions.privitize.rvrt", "false");
user_pref("extensions.privitize.smplGrp", "none");
user_pref("extensions.privitize.tlbrId", "base");
user_pref("extensions.privitize.tlbrSrchUrl", "hxxp://searchou.com/?id=de4edb83000000000000c4850842806b&q=");
user_pref("extensions.privitize.vrsn", "1.8.16.22");
user_pref("extensions.privitize.vrsnTs", "1.8.16.2221:06:38");
user_pref("extensions.privitize.vrsni", "1.8.16.22");
Emptied folder: C:\Users\Dirk\AppData\Roaming\mozilla\firefox\profiles\2acnq9pm.default\minidumps [13 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/07/2013 at 13:25:38.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03 Ran by Dirk (administrator) on 31-07-2013 13:33:50 Running from C:\Users\Dirk\Downloads Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Windows\system32\DptfParticipantProcessorService.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe () C:\Windows\system32\DptfPolicyConfigTDPService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ( ) C:\Windows\system32\lxebcoms.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCoreService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft) C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (McAfee, Inc.) c:\PROGRA~1\mcafee\msc\mcawfwk.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (McAfee, Inc.) C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCore.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Fieldston Software) C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe (Microsoft Corporation) C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Microsoft Corporation) C:\Windows\syswow64\wwahost.exe (Farbar) C:\Users\Dirk\Downloads\FRST64(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] () HKLM\...\Run: [ASUSQuickGesture(x86)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.) HKLM\...\Run: [ASUSTPLoader(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek) HKLM\...\Run: [ASUSQuickGesture(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.) 
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp [x] HKLM\...\Run: [MfeFfCore] - C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCore.exe [399176 2012-02-13] (McAfee, Inc.) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2000-01-01] (Realtek Semiconductor) HKLM\...\InprocServer32: [Default-cscui] <==== ATTENTION! HKCU\...\Run: [DriverBoost] - C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [3537336 2012-11-12] (PC Drivers Headquarters) HKCU\...\Run: [Driver Detective] - C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [3537336 2012-11-12] (PC Drivers Headquarters) HKCU\...\Run: [gSyncit] - C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe [166592 2013-04-08] (Fieldston Software) HKCU\...\Run: [SkyDrive] - C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-07-02] (Microsoft Corporation) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Dirk\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) MountPoints2: {4a2d34d9-5135-11e2-be75-b92e64a0587f} - "D:\KoDP.exe" autorun MountPoints2: {ac1082d3-c4c0-11e2-be8f-972169402560} - "E:\LaunchU3.exe" -a HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-10-07] (McAfee, Inc.) HKLM-x32\...\Run: [ATUninstallIcon] - C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe [511232 2013-04-23] (McAfee, Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) 
HKLM-x32\...\Run: [MetroTileShortcut] - C:\Program Files\McAfeeAntiTheft\2.2.279.5\McATUIHost.exe [1120992 2013-07-04] (McAfee, Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-31] (Avira Operations GmbH & Co. KG) AppInit_DLLs: C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\ImatSup.dll [61688 2013-06-21] () Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ASUS Browser Extension x64 - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name - {0C9F4179-A319-4c6a-A3E5-67FF3592A12E} - No File BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab Handler: ipp - No CLSID Value - Handler: msdaipp - No CLSID Value - Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: ipp - No CLSID Value - Handler-x32: msdaipp - No CLSID Value - Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\2acnq9pm.default FF NewTab: user_pref("browser.newtab.url", ""); FF SelectedSearchEngine: Google FF Homepage: hxxp://www.teamliquid.net/ FF Plugin: @adobe.com/FlashPlayer - 
C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Extension: No Name - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\2acnq9pm.default\Extensions\protectme@protectme.com FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File CHR Extension: (Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (Gmail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-31] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-31] (Avira Operations GmbH & Co. 
KG) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-26] (Microsoft Corporation) R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] () R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 lxeb_device; C:\Windows\system32\lxebcoms.exe [1052328 2010-04-14] ( ) R2 McATScheduler; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.) R2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 MfeFfCoreService; C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCoreService.exe [205128 2012-02-13] (McAfee, Inc.) 
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
R2 Time; C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe [10752 2013-07-04] (Microsoft)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-07-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-07-31] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [115400 2013-06-24] (ASIX Electronics Corp.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [30720 2013-02-02] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-04] (DT Soft Ltd)
R1 ImatDisk; C:\Windows\system32\DRIVERS\ImatDisk.sys [16360 2013-06-21] (McAfee, Inc.)
R1 ImatDmk; C:\Windows\System32\DRIVERS\ImatDmk.sys [505576 2013-06-21] (McAfee, Inc.)
R1 ImatDs; C:\Windows\System32\DRIVERS\ImatDs.sys [206424 2013-06-21] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R1 MfeEEFF; C:\Windows\System32\DRIVERS\MfeEEFF.sys [307888 2013-06-21] (McAfee, Inc.)
R1 MfeEEFFV; C:\Windows\System32\DRIVERS\MfeEEFFV.sys [67880 2013-06-21] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4293672 2012-09-13] (Intel Corporation)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2000-01-01] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 cpuz135; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
U0 msahci;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-07-31 13:25 - 2013-07-31 13:25 - 00003585 _____ C:\Users\Dirk\Desktop\JRT.txt
2013-07-31 13:22 - 2013-07-31 13:22 - 00000000 ____D C:\Windows\ERUNT
2013-07-31 13:21 - 2013-07-31 13:21 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Dirk\Downloads\JRT.exe
2013-07-31 13:18 - 2013-07-31 13:18 - 00000344 _____ C:\Windows\PFRO.log
2013-07-31 13:15 - 2013-07-31 13:17 - 00001374 _____ C:\AdwCleaner[S3].txt
2013-07-31 13:14 - 2013-07-31 13:14 - 00666633 _____ C:\Users\Dirk\Downloads\adwcleaner.exe
2013-07-31 11:56 - 2013-07-31 11:56 - 00021515 _____ C:\Users\Dirk\Downloads\Addition.txt
2013-07-31 11:55 - 2013-07-31 11:55 - 01781589 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64(1).exe
2013-07-31 10:08 - 2013-07-31 10:08 - 00000000 ____D C:\FRST
2013-07-31 09:35 - 2013-07-31 09:35 - 00175862 _____ C:\Users\Dirk\Downloads\OTL.Txt
2013-07-31 09:23 - 2013-07-31 09:23 - 821139852 _____ C:\Windows\MEMORY.DMP
2013-07-31 09:23 - 2013-07-31 09:23 - 00285840 _____ C:\Windows\Minidump\073113-8750-01.dmp
2013-07-31 08:37 - 2013-07-31 08:37 - 00290256 _____ C:\Windows\Minidump\073113-6312-01.dmp
2013-07-31 08:36 - 2013-07-31 08:36 - 00377856 _____ C:\Users\Dirk\Downloads\gmer_2.1.19163.exe
2013-07-31 08:34 - 2013-07-31 09:29 - 00000470 _____ C:\Users\Dirk\Downloads\defogger_disable.log
2013-07-31 08:34 - 2013-07-31 08:34 - 00602112 _____ (OldTimer Tools) C:\Users\Dirk\Downloads\OTL.exe
2013-07-31 08:34 - 2013-07-31 08:34 - 00000168 _____ C:\Users\Dirk\defogger_reenable
2013-07-31 08:33 - 2013-07-31 08:33 - 00050477 _____ C:\Users\Dirk\Downloads\Defogger.exe
2013-07-31 08:21 - 2013-07-31 08:21 - 00043714 _____ C:\Users\Dirk\Documents\cc_20130731_082047.reg
2013-07-31 08:16 - 2013-07-31 08:16 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Avira
2013-07-31 08:10 - 2013-07-31 08:18 - 00001092 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\ProgramData\Avira
2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-31 08:08 - 2013-07-31 08:07 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-31 08:08 - 2013-07-31 08:07 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-31 08:08 - 2013-07-31 08:07 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-31 08:08 - 2013-07-31 08:07 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-31 08:04 - 2013-07-31 08:04 - 02092792 _____ C:\Users\Dirk\Downloads\avira_free_antivirus.exe
2013-07-30 21:07 - 2013-07-30 21:07 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-07-30 21:03 - 2013-07-30 21:07 - 00000000 ____D C:\ProgramData\HitmanPro
2013-07-30 21:03 - 2013-07-30 21:03 - 09833328 _____ (SurfRight B.V.) C:\Users\Dirk\Downloads\HitmanPro_x64.exe
2013-07-30 17:27 - 2013-07-30 17:28 - 00000000 ____D C:\Users\Dirk\Downloads\Systema
2013-07-30 17:26 - 2013-07-30 17:26 - 00000000 ____D C:\Users\Dirk\Downloads\Bleak House
2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Malwarebytes
2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-30 15:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-30 15:40 - 2013-07-30 15:40 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-30 15:40 - 2000-01-01 02:00 - 22429696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-07-30 15:40 - 2000-01-01 02:00 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 04816664 _____ (ASUSTeKcomputer.Inc) C:\Windows\system32\RTKSMlfx.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 03355336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-07-30 15:40 - 2000-01-01 02:00 - 03180912 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-07-30 15:40 - 2000-01-01 02:00 - 02802760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-07-30 15:40 - 2000-01-01 02:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 01003080 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00912432 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00834328 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00746840 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00635160 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00528152 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00465645 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-07-30 15:40 - 2000-01-01 02:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00215320 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00138824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-07-30 15:40 - 2000-01-01 02:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-07-30 15:38 - 2000-01-01 02:00 - 00019600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtcrfilt64.sys
2013-07-30 15:38 - 2000-01-01 02:00 - 00014480 _____ C:\Windows\system32\rtcrco.dll
2013-07-30 15:32 - 2013-02-25 07:22 - 00024576 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-07-30 15:31 - 2013-07-30 15:31 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-07-30 15:30 - 2000-01-01 02:00 - 24283136 _____ C:\Windows\system32\igdfcl64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 09802240 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 09362944 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 08647680 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 07861760 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 07558640 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 07093248 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 05528576 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 04534784 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-07-30 15:30 - 2000-01-01 02:00 - 04359168 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 03988480 _____ (Microsoft) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 03401728 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2013-07-30 15:30 - 2000-01-01 02:00 - 02384896 _____ C:\Windows\system32\GfxRes.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 01758208 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00861184 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00856576 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00745968 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00534000 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00529392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00441840 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00432640 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00430592 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00407536 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00397808 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00357888 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00348160 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00322560 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-07-30 15:30 - 2000-01-01 02:00 - 00286720 _____ C:\Windows\system32\igdde64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00258560 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00256973 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00250864 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00243062 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00240640 _____ C:\Windows\SysWOW64\igdde32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00225909 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00192779 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00191488 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00189982 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00184704 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00173641 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00173255 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00171308 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00170949 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00170868 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00169419 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00168766 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00168624 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00168145 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00167827 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00167279 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00166207 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00166115 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00165888 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00165872 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-07-30 15:30 - 2000-01-01 02:00 - 00165805 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00165389 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00164428 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00161093 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00160055 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00159440 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00154905 _____ C:\Windows\system32\Gfxres.en-US.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00148171 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00146480 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-07-30 15:30 - 2000-01-01 02:00 - 00140288 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00124928 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-07-30 15:30 - 2000-01-01 02:00 - 00117760 _____ C:\Windows\system32\igdail64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00109056 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3071.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00103936 _____ C:\Windows\SysWOW64\igdail32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2013-07-30 15:30 - 2000-01-01 02:00 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2013-07-30 15:30 - 2000-01-01 02:00 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2013-07-30 15:30 - 2000-01-01 02:00 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2013-07-30 15:30 - 2000-01-01 02:00 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2013-07-30 15:30 - 2000-01-01 02:00 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2013-07-30 15:30 - 2000-01-01 02:00 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00017502 _____ C:\Windows\system32\iglhxs64.vp
2013-07-30 15:30 - 2000-01-01 02:00 - 00015360 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-07-30 15:30 - 2000-01-01 02:00 - 00001125 _____ C:\Windows\system32\iglhxa64.vp
2013-07-30 15:26 - 2013-07-30 15:26 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-07-30 15:26 - 2013-07-30 15:26 - 00000000 ____D C:\Users\Dirk\AppData\Local\SlimWare Utilities Inc
2013-07-30 14:58 - 2013-07-30 14:58 - 02526590 _____ C:\Users\Dirk\Documents\UX31AAS219.zip
2013-07-30 14:53 - 2013-07-30 14:53 - 00017408 ___SH C:\Users\Dirk\Documents\Thumbs.db
2013-07-30 14:52 - 2013-07-30 14:58 - 00000000 ____D C:\Users\Dirk\AppData\Local\Akamai
2013-07-30 14:01 - 2013-06-21 03:09 - 00505576 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\ImatDmk.sys
2013-07-30 14:01 - 2013-06-21 03:09 - 00307888 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\MfeEEFF.sys
2013-07-30 14:01 - 2013-06-21 03:09 - 00206424 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\ImatDs.sys
2013-07-30 14:01 - 2013-06-21 03:09 - 00067880 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\MfeEEFFV.sys
2013-07-30 14:01 - 2013-06-21 03:09 - 00016360 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\ImatDisk.sys
2013-07-30 14:00 - 2013-07-30 14:01 - 00000000 ____D C:\Users\Default\AppData\Roaming\IMAT
2013-07-30 14:00 - 2013-07-30 14:01 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IMAT
2013-07-30 13:55 - 2013-07-30 14:00 - 00000000 ____D C:\Program Files\McAfeeAntiTheft
2013-07-30 13:55 - 2013-07-30 13:55 - 00000000 ____D C:\Program Files\Common Files\McAfeeAntiTheft
2013-07-29 20:22 - 2013-07-29 04:29 - 480515936 _____ C:\Users\Dirk\Downloads\Title.S06e07.HDTV.x264-2HD.mp4
2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-29 13:41 - 2013-07-30 17:24 - 00000000 ____D C:\Users\Dirk\Downloads\Systema - Val Riazanov - Ballistic Striking
2013-07-29 11:14 - 2013-07-29 11:14 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
2013-07-29 11:14 - 2013-07-29 11:14 - 00000000 ____D C:\Program Files (x86)\Reason
2013-07-29 10:25 - 2013-07-29 11:14 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-07-28 21:57 - 2013-07-25 21:09 - 551114165 _____ C:\Users\Dirk\Downloads\True Blood S06e06.mp4
2013-07-28 21:47 - 2013-07-27 13:45 - 397154176 _____ C:\Users\Dirk\Downloads\luther.S03E04.mp4
2013-07-27 10:36 - 2013-07-27 10:43 - 00002234 _____ C:\ProgramData\lxebJSW.log
2013-07-27 00:31 - 2013-07-27 10:30 - 00000000 ____D C:\Users\Dirk\Downloads\Breaking Bad season 3
2013-07-23 09:50 - 2010-12-04 19:14 - 733900800 _____ C:\Users\Dirk\Downloads\Shaun das Schaaf - Die Schlammschlacht.avi
2013-07-23 09:45 - 2013-07-30 17:27 - 00000000 ____D C:\Users\Dirk\Downloads\wizard
2013-07-23 09:14 - 2013-07-28 16:31 - 00000000 ____D C:\Users\Dirk\Desktop\Bayreuth
2013-07-21 21:35 - 2013-07-30 17:29 - 00000000 ____D C:\Users\Dirk\Downloads\Homicide
2013-07-18 20:27 - 2013-07-18 20:50 - 1661405712 _____ C:\Users\Dirk\Downloads\the act of killing.m4v
2013-07-18 09:03 - 2013-07-18 09:03 - 00000000 ____D C:\Windows\system32\MRT
2013-07-17 19:54 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-17 19:54 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-17 19:54 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-17 19:54 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-17 19:54 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-17 19:54 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-17 19:54 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-17 19:54 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-17 19:54 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-17 19:54 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-17 19:54 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-17 19:54 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-17 19:54 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-17 19:54 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-17 19:54 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-17 19:54 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-17 19:54 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-17 19:54 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-17 19:54 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-17 19:54 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-17 19:54 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-17 19:54 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-17 19:54 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-17 19:54 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-17 19:54 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-17 19:54 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-17 19:54 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-17 19:54 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-17 19:54 - 2013-06-01 05:08 - 00117632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2DP.sys
2013-07-17 19:54 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-17 19:54 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-17 19:54 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-17 19:54 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-17 19:54 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-17 19:46 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-14 16:33 - 2013-07-14 17:15 - 00000141 _____ C:\Windows\spwdrp.INI
2013-07-14 16:33 - 2013-07-14 17:15 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2013-07-14 16:33 - 2012-12-06 11:27 - 06131200 _____ (Advanced Messaging Systems LLC) C:\Windows\SysWOW64\PhoenixDll.dll
2013-07-14 16:33 - 2012-12-04 21:29 - 00791680 _____ (Advanced Messaging Systems LLC) C:\Windows\SysWOW64\StellarProfile.dll
2013-07-14 14:48 - 2013-07-31 09:23 - 00412912 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\ProgramData\Western Digital
2013-07-10 23:20 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 23:20 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 23:20 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 23:20 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 23:20 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 23:19 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 23:19 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 23:19 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 23:19 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 23:19 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 23:19 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 23:19 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 23:19 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 23:19
- 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-10 23:19 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-10 23:19 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-10 23:19 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-10 23:18 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2013-07-10 23:18 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-10 23:18 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-07-10 23:18 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-07-10 23:18 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-07-10 23:13 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-10 23:13 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-04 21:19 - 2013-07-31 13:29 - 01567215 _____ C:\Windows\WindowsUpdate.log 2013-07-04 20:28 - 2013-07-04 20:28 - 00000000 ____D C:\Users\Public\Anvisoft 2013-07-04 20:09 - 2013-07-07 17:04 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft 2013-07-04 20:09 - 2013-07-07 17:04 - 00000000 ____D C:\Program Files (x86)\Anvisoft 2013-07-04 09:42 - 2013-07-07 17:10 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-07-04 09:42 - 2013-07-07 17:10 - 00000000 ____D C:\Program Files\iTunes 2013-07-04 09:42 - 2013-07-07 17:10 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-07-04 09:42 - 2013-07-07 17:09 - 00000000 ____D C:\Program Files\iPod ==================== One Month Modified Files and Folders ======= 2013-07-31 13:29 - 2013-07-04 21:19 - 
01567215 _____ C:\Windows\WindowsUpdate.log 2013-07-31 13:29 - 2013-06-04 08:48 - 00005144 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DIESCHMIEDE-Dirk DieSchmiede 2013-07-31 13:26 - 2012-08-03 01:02 - 00760560 _____ C:\Windows\system32\perfh007.dat 2013-07-31 13:26 - 2012-08-03 01:02 - 00158770 _____ C:\Windows\system32\perfc007.dat 2013-07-31 13:26 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI 2013-07-31 13:25 - 2013-07-31 13:25 - 00003585 _____ C:\Users\Dirk\Desktop\JRT.txt 2013-07-31 13:22 - 2013-07-31 13:22 - 00000000 ____D C:\Windows\ERUNT 2013-07-31 13:21 - 2013-07-31 13:21 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Dirk\Downloads\JRT.exe 2013-07-31 13:19 - 2013-04-08 16:01 - 00000000 ___RD C:\Users\Dirk\SkyDrive 2013-07-31 13:18 - 2013-07-31 13:18 - 00000344 _____ C:\Windows\PFRO.log 2013-07-31 13:18 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-31 13:17 - 2013-07-31 13:15 - 00001374 _____ C:\AdwCleaner[S3].txt 2013-07-31 13:16 - 2013-03-04 18:37 - 00000000 ____D C:\Users\Dirk\Documents\Outlook-Dateien 2013-07-31 13:14 - 2013-07-31 13:14 - 00666633 _____ C:\Users\Dirk\Downloads\adwcleaner.exe 2013-07-31 13:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru 2013-07-31 12:31 - 2012-12-19 22:34 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Dropbox 2013-07-31 12:18 - 2012-12-19 22:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-31 11:56 - 2013-07-31 11:56 - 00021515 _____ C:\Users\Dirk\Downloads\Addition.txt 2013-07-31 11:55 - 2013-07-31 11:55 - 01781589 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64(1).exe 2013-07-31 11:47 - 2012-12-27 15:11 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\vlc 2013-07-31 11:19 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF 2013-07-31 10:10 - 2012-12-19 22:39 - 00000000 ___RD C:\Users\Dirk\Dropbox 2013-07-31 10:08 - 2013-07-31 10:08 - 00000000 ____D C:\FRST 2013-07-31 09:43 - 2012-12-17 20:33 
- 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-502259374-826088890-3482316187-1001 2013-07-31 09:35 - 2013-07-31 09:35 - 00175862 _____ C:\Users\Dirk\Downloads\OTL.Txt 2013-07-31 09:29 - 2013-07-31 08:34 - 00000470 _____ C:\Users\Dirk\Downloads\defogger_disable.log 2013-07-31 09:23 - 2013-07-31 09:23 - 821139852 _____ C:\Windows\MEMORY.DMP 2013-07-31 09:23 - 2013-07-31 09:23 - 00285840 _____ C:\Windows\Minidump\073113-8750-01.dmp 2013-07-31 09:23 - 2013-07-14 14:48 - 00412912 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-31 09:23 - 2012-12-17 21:42 - 00000000 ____D C:\Windows\Minidump 2013-07-31 08:37 - 2013-07-31 08:37 - 00290256 _____ C:\Windows\Minidump\073113-6312-01.dmp 2013-07-31 08:36 - 2013-07-31 08:36 - 00377856 _____ C:\Users\Dirk\Downloads\gmer_2.1.19163.exe 2013-07-31 08:34 - 2013-07-31 08:34 - 00602112 _____ (OldTimer Tools) C:\Users\Dirk\Downloads\OTL.exe 2013-07-31 08:34 - 2013-07-31 08:34 - 00000168 _____ C:\Users\Dirk\defogger_reenable 2013-07-31 08:34 - 2012-12-17 20:16 - 00000000 ____D C:\Users\Dirk 2013-07-31 08:33 - 2013-07-31 08:33 - 00050477 _____ C:\Users\Dirk\Downloads\Defogger.exe 2013-07-31 08:21 - 2013-07-31 08:21 - 00043714 _____ C:\Users\Dirk\Documents\cc_20130731_082047.reg 2013-07-31 08:18 - 2013-07-31 08:10 - 00001092 _____ C:\Windows\SysWOW64\bufferpool.txt 2013-07-31 08:16 - 2013-07-31 08:16 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Avira 2013-07-31 08:16 - 2013-02-06 21:54 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\uTorrent 2013-07-31 08:16 - 2013-01-02 11:47 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\DAEMON Tools Lite 2013-07-31 08:10 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI 2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\ProgramData\Avira 2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\Program Files (x86)\Avira 2013-07-31 08:07 - 2013-07-31 08:08 - 00130016 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys 2013-07-31 08:07 - 2013-07-31 08:08 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-07-31 08:07 - 2013-07-31 08:08 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-07-31 08:07 - 2013-07-31 08:08 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-07-31 08:04 - 2013-07-31 08:04 - 02092792 _____ C:\Users\Dirk\Downloads\avira_free_antivirus.exe 2013-07-30 22:23 - 2013-02-06 21:17 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\UseNeXT 2013-07-30 21:07 - 2013-07-30 21:07 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2013-07-30 21:07 - 2013-07-30 21:03 - 00000000 ____D C:\ProgramData\HitmanPro 2013-07-30 21:03 - 2013-07-30 21:03 - 09833328 _____ (SurfRight B.V.) C:\Users\Dirk\Downloads\HitmanPro_x64.exe 2013-07-30 17:29 - 2013-07-21 21:35 - 00000000 ____D C:\Users\Dirk\Downloads\Homicide 2013-07-30 17:28 - 2013-07-30 17:27 - 00000000 ____D C:\Users\Dirk\Downloads\Systema 2013-07-30 17:27 - 2013-07-23 09:45 - 00000000 ____D C:\Users\Dirk\Downloads\wizard 2013-07-30 17:26 - 2013-07-30 17:26 - 00000000 ____D C:\Users\Dirk\Downloads\Bleak House 2013-07-30 17:24 - 2013-07-29 13:41 - 00000000 ____D C:\Users\Dirk\Downloads\Systema - Val Riazanov - Ballistic Striking 2013-07-30 17:24 - 2013-02-15 15:20 - 00376320 ___SH C:\Users\Dirk\Downloads\Thumbs.db 2013-07-30 16:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Malwarebytes 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-30 15:40 - 2013-07-30 15:40 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-07-30 15:40 - 2012-11-17 13:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation 
Information 2013-07-30 15:39 - 2012-11-17 13:25 - 00016258 _____ C:\Windows\system32\results.xml 2013-07-30 15:38 - 2012-11-17 13:29 - 00000000 ____D C:\Windows\SysWOW64\sda 2013-07-30 15:38 - 2012-11-17 13:27 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-07-30 15:31 - 2013-07-30 15:31 - 00000000 ____D C:\Windows\LastGood.Tmp 2013-07-30 15:31 - 2012-11-17 13:24 - 00000000 ____D C:\Program Files\Common Files\Intel 2013-07-30 15:31 - 2012-11-17 13:23 - 00000000 ____D C:\Program Files (x86)\Intel 2013-07-30 15:26 - 2013-07-30 15:26 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers 2013-07-30 15:26 - 2013-07-30 15:26 - 00000000 ____D C:\Users\Dirk\AppData\Local\SlimWare Utilities Inc 2013-07-30 14:58 - 2013-07-30 14:58 - 02526590 _____ C:\Users\Dirk\Documents\UX31AAS219.zip 2013-07-30 14:58 - 2013-07-30 14:52 - 00000000 ____D C:\Users\Dirk\AppData\Local\Akamai 2013-07-30 14:53 - 2013-07-30 14:53 - 00017408 ___SH C:\Users\Dirk\Documents\Thumbs.db 2013-07-30 14:53 - 2013-04-09 12:35 - 00000000 ____D C:\Users\Dirk\Documents\Dungeon_World 2013-07-30 14:35 - 2013-03-28 13:56 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-07-30 14:01 - 2013-07-30 14:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\IMAT 2013-07-30 14:01 - 2013-07-30 14:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IMAT 2013-07-30 14:01 - 2013-03-28 13:56 - 00000000 ____D C:\Program Files\McAfee 2013-07-30 14:00 - 2013-07-30 13:55 - 00000000 ____D C:\Program Files\McAfeeAntiTheft 2013-07-30 13:55 - 2013-07-30 13:55 - 00000000 ____D C:\Program Files\Common Files\McAfeeAntiTheft 2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-07-29 11:14 - 2013-07-29 11:14 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It 2013-07-29 11:14 - 2013-07-29 11:14 - 00000000 ____D C:\Program 
Files (x86)\Reason 2013-07-29 11:14 - 2013-07-29 10:25 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2013-07-29 04:29 - 2013-07-29 20:22 - 480515936 _____ C:\Users\Dirk\Downloads\Title.S06e07.HDTV.x264-2HD.mp4 2013-07-28 16:44 - 2012-12-25 10:26 - 00000000 ____D C:\Users\Dirk\AppData\Local\Adobe 2013-07-28 16:44 - 2012-12-19 22:02 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-07-28 16:43 - 2013-04-08 19:10 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-07-28 16:31 - 2013-07-23 09:14 - 00000000 ____D C:\Users\Dirk\Desktop\Bayreuth 2013-07-27 13:45 - 2013-07-28 21:47 - 397154176 _____ C:\Users\Dirk\Downloads\luther.S03E04.mp4 2013-07-27 11:12 - 2012-12-17 20:17 - 00000000 ____D C:\Users\Dirk\AppData\Local\Packages 2013-07-27 10:43 - 2013-07-27 10:36 - 00002234 _____ C:\ProgramData\lxebJSW.log 2013-07-27 10:36 - 2013-06-06 15:29 - 00000000 ____D C:\ProgramData\lx_Cats 2013-07-27 10:30 - 2013-07-27 00:31 - 00000000 ____D C:\Users\Dirk\Downloads\Breaking Bad season 3 2013-07-26 23:52 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-07-25 21:09 - 2013-07-28 21:57 - 551114165 _____ C:\Users\Dirk\Downloads\True Blood S06e06.mp4 2013-07-18 20:50 - 2013-07-18 20:27 - 1661405712 _____ C:\Users\Dirk\Downloads\the act of killing.m4v 2013-07-18 09:04 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe 2013-07-18 09:03 - 2013-07-18 09:03 - 00000000 ____D C:\Windows\system32\MRT 2013-07-14 17:15 - 2013-07-14 16:33 - 00000141 _____ C:\Windows\spwdrp.INI 2013-07-14 17:15 - 2013-07-14 16:33 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\ProgramData\Western Digital 2013-07-11 12:26 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-07 19:09 - 2013-04-16 10:26 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-07-07 19:07 - 2012-07-26 07:26 - 00000306 _____ C:\Windows\win.ini 2013-07-07 17:10 
- 2013-07-04 09:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-07-07 17:10 - 2013-07-04 09:42 - 00000000 ____D C:\Program Files\iTunes 2013-07-07 17:10 - 2013-07-04 09:42 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-07-07 17:10 - 2013-05-26 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-07 17:10 - 2013-01-28 12:18 - 00000000 ____D C:\Users\Administrator 2013-07-07 17:10 - 2013-01-02 21:01 - 00000000 ____D C:\Users\Dirk\Documents\WinFlash_Win8_64_Z2411 2013-07-07 17:10 - 2013-01-02 11:45 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-07-07 17:10 - 2012-12-26 17:30 - 00000000 ____D C:\Users\Dirk\AppData\Local\Studio_pomaranča_d.o.o__O 2013-07-07 17:10 - 2012-12-23 23:37 - 00000000 ____D C:\Users\Dirk\Documents\Writemonkey 2013-07-07 17:10 - 2012-12-19 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-07 17:10 - 2012-12-17 20:18 - 00000000 ___RD C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\registration 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2013-07-07 17:10 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2013-07-07 17:10 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-07-07 17:10 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep 2013-07-07 17:10 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism 2013-07-07 17:10 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing 2013-07-07 17:09 - 2013-07-04 09:42 - 00000000 ____D C:\Program Files\iPod 2013-07-07 17:09 - 2013-06-26 21:27 - 00000000 ____D C:\Users\Dirk\Documents\OCTGN 2013-07-07 17:09 - 2013-04-16 08:43 - 00000000 __RHD C:\MSOCache 2013-07-07 17:09 - 
2013-03-10 08:47 - 00000000 ____D C:\ProgramData\Apple Computer 2013-07-07 17:09 - 2012-12-19 11:01 - 00000000 ____D C:\Users\Dirk\AppData\Local\Mozilla 2013-07-07 17:04 - 2013-07-04 20:09 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft 2013-07-07 17:04 - 2013-07-04 20:09 - 00000000 ____D C:\Program Files (x86)\Anvisoft 2013-07-07 17:04 - 2013-06-16 21:07 - 00000000 ____D C:\Users\Dirk\AppData\Local\Google 2013-07-04 20:29 - 2012-08-03 00:24 - 00000000 ____D C:\Windows\Panther 2013-07-04 20:28 - 2013-07-04 20:28 - 00000000 ____D C:\Users\Public\Anvisoft 2013-07-02 10:26 - 2013-04-08 16:01 - 00002281 _____ C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk Files to move or delete: ==================== C:\ProgramData\SetStretch.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-31 03:00 ==================== End Of Log ============================ --- --- --- |
31.07.2013, 15:30 | #8 |
/// the machine /// TB instructor | Seth Avazutracking.net
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate | Guides and help | Trojaner-Board Facebook page | No help via PM! |
31.07.2013, 19:00 | #9 |
| Seth Avazutracking.net
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2cb93697db51ac4b847915a055d65b19
# engine=14602
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-31 05:34:39
# local_time=2013-07-31 07:34:39 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 19119 41370 11907 0
# compatibility_mode=5893 16776574 100 94 41181 15881178 0 0
# scanned=220265
# found=0
# cleaned=0
# scan_time=2585
Code:
Results of screen317's Security Check version 0.99.71
x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Adobe Flash Player 11.8.800.94
Adobe Reader XI
Mozilla Firefox (22.0)
Google Chrome 27.0.1453.116
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Dirk Downloads Virus FRST64(1).exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03 Ran by Dirk (administrator) on 31-07-2013 19:46:55 Running from C:\Users\Dirk\Downloads\Virus Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Windows\system32\DptfParticipantProcessorService.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe () C:\Windows\system32\DptfPolicyConfigTDPService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ( ) C:\Windows\system32\lxebcoms.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCoreService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft) C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (McAfee, Inc.) 
c:\PROGRA~1\mcafee\msc\mcawfwk.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16613_none_6273bd8950d6cae2\TiWorker.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (McAfee, Inc.) C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCore.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Fieldston Software) C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe (Microsoft Corporation) C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Dropbox, Inc.) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe (Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe (Farbar) C:\Users\Dirk\Downloads\Virus\FRST64(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] () HKLM\...\Run: [ASUSQuickGesture(x86)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.) HKLM\...\Run: [ASUSTPLoader(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek) HKLM\...\Run: [ASUSQuickGesture(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.) HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp [x] HKLM\...\Run: [MfeFfCore] - C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCore.exe [399176 2012-02-13] (McAfee, Inc.) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2000-01-01] (Realtek Semiconductor) HKLM\...\InprocServer32: [Default-cscui] <==== ATTENTION! 
HKCU\...\Run: [DriverBoost] - C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [3537336 2012-11-12] (PC Drivers Headquarters) HKCU\...\Run: [Driver Detective] - C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [3537336 2012-11-12] (PC Drivers Headquarters) HKCU\...\Run: [gSyncit] - C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe [166592 2013-04-08] (Fieldston Software) HKCU\...\Run: [SkyDrive] - C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-07-02] (Microsoft Corporation) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Dirk\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) MountPoints2: {4a2d34d9-5135-11e2-be75-b92e64a0587f} - "D:\KoDP.exe" autorun MountPoints2: {ac1082d3-c4c0-11e2-be8f-972169402560} - "E:\LaunchU3.exe" -a HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-10-07] (McAfee, Inc.) HKLM-x32\...\Run: [ATUninstallIcon] - C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe [511232 2013-04-23] (McAfee, Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [MetroTileShortcut] - C:\Program Files\McAfeeAntiTheft\2.2.279.5\McATUIHost.exe [1120992 2013-07-04] (McAfee, Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-31] (Avira Operations GmbH & Co. 
KG) AppInit_DLLs: C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\ImatSup.dll [61688 2013-06-21] () Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ASUS Browser Extension x64 - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name - {0C9F4179-A319-4c6a-A3E5-67FF3592A12E} - No File BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.) 
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: ipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\2acnq9pm.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.teamliquid.net/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\2acnq9pm.default\Extensions\protectme@protectme.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File
CHR Extension: (Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-31] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-26] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 lxeb_device; C:\Windows\system32\lxebcoms.exe [1052328 2010-04-14] ( )
S2 McATScheduler; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 MfeFfCoreService; C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCoreService.exe [205128 2012-02-13] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
R2 Time; C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe [10752 2013-07-04] (Microsoft)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-07-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-07-31] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [115400 2013-06-24] (ASIX Electronics Corp.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [30720 2013-02-02] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-04] (DT Soft Ltd)
R1 ImatDisk; C:\Windows\system32\DRIVERS\ImatDisk.sys [16360 2013-06-21] (McAfee, Inc.)
R1 ImatDmk; C:\Windows\System32\DRIVERS\ImatDmk.sys [505576 2013-06-21] (McAfee, Inc.)
R1 ImatDs; C:\Windows\System32\DRIVERS\ImatDs.sys [206424 2013-06-21] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R1 MfeEEFF; C:\Windows\System32\DRIVERS\MfeEEFF.sys [307888 2013-06-21] (McAfee, Inc.)
R1 MfeEEFFV; C:\Windows\System32\DRIVERS\MfeEEFFV.sys [67880 2013-06-21] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4293672 2012-09-13] (Intel Corporation)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2000-01-01] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider) S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider) S3 cpuz135; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x] U0 msahci; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-31 19:43 - 2013-07-31 19:43 - 00891098 _____ C:\Users\Dirk\Downloads\SecurityCheck.exe 2013-07-31 18:47 - 2013-07-31 18:47 - 02347384 _____ (ESET) C:\Users\Dirk\Downloads\esetsmartinstaller_enu.exe 2013-07-31 14:37 - 2013-07-31 19:08 - 00000000 ____D C:\Users\Dirk\Downloads\Virus 2013-07-31 14:22 - 2013-07-31 15:07 - 2312284357 _____ C:\Users\Dirk\Downloads\ballisticstrikes.zip 2013-07-31 13:22 - 2013-07-31 13:22 - 00000000 ____D C:\Windows\ERUNT 2013-07-31 13:18 - 2013-07-31 19:45 - 00001178 _____ C:\Windows\PFRO.log 2013-07-31 13:15 - 2013-07-31 13:17 - 00001374 _____ C:\AdwCleaner[S3].txt 2013-07-31 10:08 - 2013-07-31 10:08 - 00000000 ____D C:\FRST 2013-07-31 09:23 - 2013-07-31 09:23 - 821139852 _____ C:\Windows\MEMORY.DMP 2013-07-31 09:23 - 2013-07-31 09:23 - 00285840 _____ C:\Windows\Minidump\073113-8750-01.dmp 2013-07-31 08:37 - 2013-07-31 08:37 - 00290256 _____ C:\Windows\Minidump\073113-6312-01.dmp 2013-07-31 08:34 - 2013-07-31 08:34 - 00000168 _____ C:\Users\Dirk\defogger_reenable 2013-07-31 08:21 - 2013-07-31 08:21 - 00043714 _____ C:\Users\Dirk\Documents\cc_20130731_082047.reg 2013-07-31 08:16 - 2013-07-31 08:16 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Avira 2013-07-31 08:10 - 2013-07-31 08:18 - 00001092 _____ C:\Windows\SysWOW64\bufferpool.txt 2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\ProgramData\Avira 2013-07-31 08:08 - 2013-07-31 08:08 - 00000000 ____D C:\Program Files (x86)\Avira 2013-07-31 08:08 
- 2013-07-31 08:07 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-07-31 08:08 - 2013-07-31 08:07 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-07-31 08:08 - 2013-07-31 08:07 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-07-31 08:08 - 2013-07-31 08:07 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-07-30 21:07 - 2013-07-30 21:07 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2013-07-30 21:03 - 2013-07-30 21:07 - 00000000 ____D C:\ProgramData\HitmanPro 2013-07-30 17:27 - 2013-07-31 18:42 - 00000000 ____D C:\Users\Dirk\Downloads\Systema 2013-07-30 17:26 - 2013-07-31 18:14 - 00000000 ____D C:\Users\Dirk\Downloads\Bleak House 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Malwarebytes 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-30 15:53 - 2013-07-30 15:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-30 15:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-07-30 15:40 - 2013-07-30 15:40 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-07-30 15:40 - 2000-01-01 02:00 - 22429696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2013-07-30 15:40 - 2000-01-01 02:00 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 04816664 _____ (ASUSTeKcomputer.Inc) C:\Windows\system32\RTKSMlfx.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 03693128 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkAPO64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 03355336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2013-07-30 15:40 - 2000-01-01 02:00 - 03180912 _____ C:\Windows\system32\Drivers\rtvienna.dat 2013-07-30 15:40 - 2000-01-01 02:00 - 02802760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2013-07-30 15:40 - 2000-01-01 02:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 01003080 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00912432 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00910104 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPOShell64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00834328 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00746840 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00635160 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00528152 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00518896 _____ (SRS Labs, Inc.) 
C:\Windows\system32\SRSTSX64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00465645 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2013-07-30 15:40 - 2000-01-01 02:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00221024 _____ (Synopsys, Inc.) 
C:\Windows\system32\SFNHK64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00215320 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00138824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00078680 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RTEEG64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2013-07-30 15:40 - 2000-01-01 02:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2013-07-30 15:38 - 2000-01-01 02:00 - 00019600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtcrfilt64.sys 2013-07-30 15:38 - 2000-01-01 02:00 - 00014480 _____ C:\Windows\system32\rtcrco.dll 2013-07-30 15:32 - 2013-02-25 07:22 - 00024576 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-07-30 15:31 - 2013-07-30 15:31 - 00000000 ____D C:\Windows\LastGood.Tmp 2013-07-30 15:30 - 2000-01-01 02:00 - 24283136 _____ C:\Windows\system32\igdfcl64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 09802240 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 09362944 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 08647680 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 07861760 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 07558640 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 07093248 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 05528576 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 04534784 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2013-07-30 15:30 - 2000-01-01 02:00 - 04359168 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 03988480 _____ 
(Microsoft) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 03401728 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa 2013-07-30 15:30 - 2000-01-01 02:00 - 02384896 _____ C:\Windows\system32\GfxRes.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 01758208 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00861184 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00856576 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00745968 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00534000 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00529392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2013-07-30 15:30 - 2000-01-01 02:00 
- 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys 2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441840 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2013-07-30 
15:30 - 2000-01-01 02:00 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00432640 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00430592 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00407536 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00397808 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00357888 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00348160 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00322560 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2013-07-30 15:30 - 2000-01-01 02:00 - 00286720 _____ C:\Windows\system32\igdde64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00258560 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 
2013-07-30 15:30 - 2000-01-01 02:00 - 00256973 _____ C:\Windows\system32\Gfxres.th-TH.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00250864 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00243062 _____ C:\Windows\system32\Gfxres.el-GR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00240640 _____ C:\Windows\SysWOW64\igdde32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00225909 _____ C:\Windows\system32\Gfxres.ru-RU.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00192779 _____ C:\Windows\system32\Gfxres.ar-SA.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00191488 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00189982 _____ C:\Windows\system32\Gfxres.ja-JP.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2013-07-30 15:30 - 2000-01-01 02:00 - 00184704 _____ C:\Windows\system32\Gfxres.he-IL.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2013-07-30 15:30 - 2000-01-01 02:00 - 00173641 _____ C:\Windows\system32\Gfxres.it-IT.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00173255 _____ C:\Windows\system32\Gfxres.ko-KR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00171308 _____ C:\Windows\system32\Gfxres.es-ES.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00170949 _____ C:\Windows\system32\Gfxres.fr-FR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00170868 _____ C:\Windows\system32\Gfxres.de-DE.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00169419 _____ C:\Windows\system32\Gfxres.ro-RO.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00168766 _____ C:\Windows\system32\Gfxres.tr-TR.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 00168624 _____ C:\Windows\system32\Gfxres.hu-HU.resources 2013-07-30 15:30 - 2000-01-01 02:00 - 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-31 03:00

==================== End Of Log ============================

So far the symptoms have not shown up again! I can only hope that our procedure was successful - I think it was! So, many thanks, Sir Schrauber! |
31.07.2013, 20:02 | #10 |
/// the machine /// TB instructor | Seth Avazutracking.net Done. The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from all registry cleaners. They do your system more harm than good. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate / Guides and help / Trojaner-Board Facebook page / No help via PM! |
01.08.2013, 10:19 | #11 |
| Seth Avazutracking.net Thanks again, but unfortunately the stubborn Seth a... just showed up again!!! What weapons do we still have available? |
01.08.2013, 11:48 | #12 |
/// the machine /// TB instructor | Seth Avazutracking.net Where exactly?
02.08.2013, 07:45 | #13 |
| Seth Avazutracking.net In Firefox. I have the feeling that it happens more often when I use the arrow keys. But that may just be coincidence. I am often redirected to a page, without first going through seth a..., that is called: hxxp://funnygamel.com/javade/index.html. Is that something different from the a...? By the way, I have had that for just as long as the a. Good morning! A few more notes: my mouse pointer flickers while I am in Firefox, and scrolling stutters briefly every 2 sec. In IE, after 1h of testing, I have so far had none of the symptoms mentioned. |
02.08.2013, 11:26 | #14 |
/// the machine /// TB instructor | Seth Avazutracking.net Uninstall Firefox, keep no data, reinstall. Test.