Log analysis and evaluation: Malware infection after download (incl. Search.New.Tab). GMER reports rootkit. Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
#1 |
Hi, I have an Android stick for my TV that I had to flash with new firmware. The firmware was uploaded to the following site: hxxp://uploading.com/ Since it was a very well-known site (geekbuying), I didn't pay much attention during the download. Unfortunately, I was wrong, because when unpacking the files a downloader from the above-mentioned site was installed. Some things were installed along with it (including plugins for Google Chrome etc.). I immediately ran Malwarebytes and deleted the findings. However, my PC is noticeably slower than before. For example, after Windows starts, the icons on the desktop only load after a few seconds, which was not the case before. Here are the log files: First Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Datenbank Version: v2013.10.27.04 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16384 H :: MASTER [Administrator] 27.10.2013 18:05:03 mbam-log-2013-10-27 (18-05-03).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 222142 Laufzeit: 1 Minute(n), 11 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 11 HKCR\CLSID\{9F226218-5466-D8A0-4F3F-1133D14647E2} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F226218-5466-D8A0-4F3F-1133D14647E2} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9F226218-5466-D8A0-4F3F-1133D14647E2} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{EF69CF22-6CA6-FF4C-C308-75DAF04ABD5E} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF69CF22-6CA6-FF4C-C308-75DAF04ABD5E} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF69CF22-6CA6-FF4C-C308-75DAF04ABD5E} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1A27135-69EB-8D44-7358-34727DD7B820} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A649E1FD-B445-B4EC-DDA4-AF7411013830} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 8 C:\Program Files (x86)\Diownloada keeoPearr\E87V4tQ5.dll (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\SearchNewTab\OU62zf.dll (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Diownloada keeoPearr\ignvpsNVp.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\InstallMate\{1E495E23-F7D1-4940-ABAB-BFF3C5AA7CD5}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\InstallMate\{1E495E23-F7D1-4940-ABAB-BFF3C5AA7CD5}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\SearchNewTab\jmhRPeg.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\H\Downloads\flash tool 1.5.rar.exe (PUP.Optional.Installrex) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\H\Downloads\RockusbDriver.rar.exe (PUP.Optional.Installrex) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Gmer: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-10-28 15:25:16 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000029 M4-CT128M4SSD2 rev.000F 119,24GB Running: pwsjf110.exe; Driver: C:\Users\H\AppData\Local\Temp\ufldypow.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff960000e8e00 15 bytes [00, 9F, 0F, 02, 40, BA, 6F, ...] .text C:\Windows\System32\win32k.sys!W32pServiceTable + 16 fffff960000e8e10 11 bytes [00, E6, FB, FF, 80, 7E, D2, ...] ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\wininit.exe[656] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\services.exe[704] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\lsass.exe[712] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\svchost.exe[792] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\svchost.exe[836] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\winlogon.exe[904] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\dwm.exe[976] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\atiesrxx.exe[1008] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\atiesrxx.exe[1008] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff83ae5169a 4 bytes [E5, 3A, F8, 7F] .text C:\Windows\system32\atiesrxx.exe[1008] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff83ae516a2 4 bytes [E5, 3A, F8, 7F] .text C:\Windows\system32\atiesrxx.exe[1008] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff83ae5181a 4 bytes [E5, 3A, F8, 7F] .text 
C:\Windows\system32\atiesrxx.exe[1008] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff83ae51832 4 bytes [E5, 3A, F8, 7F] .text C:\Windows\System32\svchost.exe[328] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\System32\svchost.exe[376] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\svchost.exe[528] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\svchost.exe[532] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\atieclxx.exe[964] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\atieclxx.exe[964] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff83ae5169a 4 bytes [E5, 3A, F8, 7F] .text C:\Windows\system32\atieclxx.exe[964] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff83ae516a2 4 bytes [E5, 3A, F8, 7F] .text C:\Windows\system32\atieclxx.exe[964] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff83ae5181a 4 bytes [E5, 3A, F8, 7F] .text C:\Windows\system32\atieclxx.exe[964] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff83ae51832 4 bytes [E5, 3A, F8, 7F] .text C:\Windows\system32\svchost.exe[1236] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\System32\spoolsv.exe[1432] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\taskhostex.exe[1472] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\svchost.exe[1508] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\System32\rundll32.exe[1728] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\Explorer.EXE[1832] 
C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\dashost.exe[1928] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe[2004] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe[2004] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff832041f6a 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe[2004] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff832041f82 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[1112] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[1112] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff832041f6a 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[1112] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff832041f82 4 bytes [04, 32, F8, 7F] .text C:\Windows\system32\conhost.exe[1060] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[1612] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[1612] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff832041f6a 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[1612] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff832041f82 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2056] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2056] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff832041f6a 4 bytes [04, 32, F8, 7F] .text C:\Program 
Files\PostgreSQL\9.0\bin\postgres.exe[2056] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff832041f82 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2064] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2064] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff832041f6a 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2064] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff832041f82 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2072] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2072] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff832041f6a 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2072] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff832041f82 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2084] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2084] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff832041f6a 4 bytes [04, 32, F8, 7F] .text C:\Program Files\PostgreSQL\9.0\bin\postgres.exe[2084] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff832041f82 4 bytes [04, 32, F8, 7F] .text C:\Windows\system32\svchost.exe[2644] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\svchost.exe[3364] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\SearchIndexer.exe[3736] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\System32\WUDFHost.exe[3788] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text 
C:\Windows\System32\svchost.exe[3804] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\System32\SettingSyncHost.exe[3892] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\System32\skydrive.exe[1944] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\DllHost.exe[4396] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5400] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5400] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff832041f6a 4 bytes [04, 32, F8, 7F] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5400] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff832041f82 4 bytes [04, 32, F8, 7F] .text C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe[5532] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] .text C:\Windows\system32\AUDIODG.EXE[2400] C:\Windows\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff83ad1978d 1 byte [62] ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\csrss.exe [664:744] fffff9600082c4d0 Thread C:\Windows\system32\csrss.exe [664:884] fffff9600082c4d0 Thread C:\Windows\System32\SettingSyncHost.exe [3892:4064] 00007ff82b4064f4 ---- Services - GMER 2.1 ---- Service C:\Windows\system32\drivers\aswFsBlk.sys (*** hidden *** ) [AUTO] aswFsBlk <-- ROOTKIT !!! Service C:\Windows\system32\drivers\aswMonFlt.sys (*** hidden *** ) [AUTO] aswMonFlt <-- ROOTKIT !!! Service C:\Windows\system32\drivers\aswRdr2.sys (*** hidden *** ) [SYSTEM] aswRdr <-- ROOTKIT !!! Service C:\Windows\system32\drivers\aswRvrt.sys (*** hidden *** ) [BOOT] aswRvrt <-- ROOTKIT !!! 
Service C:\Windows\system32\drivers\aswSnx.sys (*** hidden *** ) [SYSTEM] aswSnx <-- ROOTKIT !!! Service C:\Windows\system32\drivers\aswSP.sys (*** hidden *** ) [SYSTEM] aswSP <-- ROOTKIT !!! Service C:\Windows\system32\drivers\aswVmm.sys (*** hidden *** ) [BOOT] aswVmm <-- ROOTKIT !!! Service C:\Program Files\Avast\AvastSvc.exe (*** hidden *** ) [AUTO] avast! Antivirus <-- ROOTKIT !!! ---- EOF - GMER 2.1 ----
Can you help me? Do you find anything? Thanks a lot in advance. Last edited by hotte83 (28.10.2013 at 16:11) |
#2
/// the machine /// TB-Ausbilder
Hi,
__________________
Please always post logs in the thread. If necessary, split them up and use several posts.
Posting in CODE tags: Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________
#3
I can't get the code from FRST into one post. I always get the error message because of the length. That's why I zipped the files.
__________________
Addition from FRST
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-10-2013 Ran by H at 2013-10-28 15:07:49 Running from C:\Users\H\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== 7-Zip 9.20 (x64 edition) (Version: Adobe AIR (x32 Version: Adobe Shockwave Player 12.0 (x32 Version: AMD Accelerated Video Transcoding (Version: AMD Catalyst Control Center (x32 Version: 2013.0926.1629.27759) AMD Catalyst Install Manager (Version: 8.0.915.0) Asmedia ASM106x SATA Host Controller Driver (x32 Version: avast! 
Free Antivirus (x32 Version: 9.0.2006) Biet-O-Matic v2.14.12 (x32 Version: 2.14.12) calibre 64bit (Version: 1.7.0) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0926.1629.27759) Catalyst Control Center InstallProxy (x32 Version: 2013.0926.1629.27759) Catalyst Control Center Localization All (x32 Version: 2013.0926.1629.27759) CCC Help Chinese Standard (x32 Version: 2013.0926.1628.27759) CCC Help Chinese Traditional (x32 Version: 2013.0926.1628.27759) CCC Help Czech (x32 Version: 2013.0926.1628.27759) CCC Help Danish (x32 Version: 2013.0926.1628.27759) CCC Help Dutch (x32 Version: 2013.0926.1628.27759) CCC Help English (x32 Version: 2013.0926.1628.27759) CCC Help Finnish (x32 Version: 2013.0926.1628.27759) CCC Help French (x32 Version: 2013.0926.1628.27759) CCC Help German (x32 Version: 2013.0926.1628.27759) CCC Help Greek (x32 Version: 2013.0926.1628.27759) CCC Help Hungarian (x32 Version: 2013.0926.1628.27759) CCC Help Italian (x32 Version: 2013.0926.1628.27759) CCC Help Japanese (x32 Version: 2013.0926.1628.27759) CCC Help Korean (x32 Version: 2013.0926.1628.27759) CCC Help Norwegian (x32 Version: 2013.0926.1628.27759) CCC Help Polish (x32 Version: 2013.0926.1628.27759) CCC Help Portuguese (x32 Version: 2013.0926.1628.27759) CCC Help Russian (x32 Version: 2013.0926.1628.27759) CCC Help Spanish (x32 Version: 2013.0926.1628.27759) CCC Help Swedish (x32 Version: 2013.0926.1628.27759) CCC Help Thai (x32 Version: 2013.0926.1628.27759) CCC Help Turkish (x32 Version: 2013.0926.1628.27759) ccc-utility64 (Version: 2013.0926.1629.27759) CCleaner (Version: 4.06) CDBurnerXP (x32 Version: DHTML Editing Component (x32 Version: 6.02.0001) Dropbox (HKCU Version: 2.4.3) ffdshow x64 v1.3.4500 [2013-01-06] (Version: 1.3.4500.0) Full Tilt Poker.Eu (x32 Version: 4.65.0.WIN.FullTilt.EU) Google Chrome (x32 Version: 30.0.1599.101) Google Earth (x32 Version: Google Update Helper (x32 Version: Haali Media 
Splitter (x32) HL-2130 (x32 Version: Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565) Image Resizer for Windows (x32 Version: 3.0.4802.35565) Intel(R) Processor Graphics (x32 Version: Java 7 Update 45 (64-bit) (Version: 7.0.450) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: JDownloader 2 (Version: 2.0) KeePass Password Safe 2.23 (x32) Malwarebytes Anti-Malware Version (x32 Version: Microsoft Silverlight (Version: 5.1.20913.0) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727) MPC-HC 1.7.0 (64-bit) (Version: OpenOffice 4.0.1 (x32 Version: 4.01.9714) partypoker (x32) PDF-Viewer (Version: Poker 770 (HKCU) PokerStars.eu (x32) PokerTracker 4 (remove only) (x32) PostgreSQL 9.0 (Version: 9.0) Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012) Realtek High Definition Audio Driver (x32 Version: Skype™ 6.9 (x32 Version: 6.9.106) Spybot - Search & Destroy (x32 Version: 2.2.25) swMSM (x32 Version: TeamViewer 8 (x32 Version: 8.0.22298) Turbo Lister 2 (x32 Version: 
2.00.0000) Veetle TV (x32 Version: 0.9.19) William Hill Poker (HKCU) Winamp (x32 Version: 5.65 ) Winner Poker (HKCU) XBMC (HKCU) ==================== Restore Points ========================= 22-10-2013 12:04:32 Windows Modules Installer 23-10-2013 12:48:08 TuneUp Utilities 2014 wird installiert 26-10-2013 19:46:20 DirectX wurde installiert ==================== Hosts content: ========================== 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3791B1D3-C4F2-4929-9982-D32B61E6CDAD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll 
[2013-09-19] (Microsoft Corporation) Task: {9AE96E79-C779-4B16-B25B-71DEC86B06D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A7BD4900-FA67-4DF1-8956-EFF6279E1B3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-22] (Google Inc.) Task: {AB435D73-14E9-4C95-B480-33B052CD2E1C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-22] (Google Inc.) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-28 15:02 - 2013-10-28 12:25 - 02136576 _____ () C:\Program Files\Avast\defs\13102800\algo.dll 2013-10-22 14:29 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-10-22 14:29 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-10-22 14:29 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-10-22 14:29 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-10-22 14:29 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 
2\av\BDSmartDB.dll 2013-10-22 14:10 - 2013-10-22 14:10 - 19336120 _____ () C:\Program Files\Avast\libcef.dll 2013-10-22 13:12 - 2013-10-09 01:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll 2013-10-22 13:12 - 2013-10-09 01:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll 2013-10-22 13:12 - 2013-10-09 01:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll 2013-10-22 13:12 - 2013-10-09 01:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll 2013-10-22 13:12 - 2013-10-09 01:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\H\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Intel(R) HD Graphics Description: Intel(R) HD Graphics Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: AMDKMDAP Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Multimediacontroller Description: Multimediacontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/26/2013 08:46:21 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (10/23/2013 01:59:39 PM) (Source: ATIeRecord) (User: ) Description: ATI EEU PnP start/stop failed Error: (10/23/2013 01:59:37 PM) (Source: ATIeRecord) (User: ) Description: ATI EEU PnP start/stop failed Error: (10/23/2013 01:48:09 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (10/22/2013 05:35:18 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: StarsHelper.exe, Version:, Zeitstempel: 0x526344a8 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d4548 Ausnahmecode: 0xe0434352 Fehleroffset: 0x00012eec ID des fehlerhaften Prozesses: 0xcc0 Startzeit der fehlerhaften Anwendung: 0xStarsHelper.exe0 Pfad der fehlerhaften Anwendung: StarsHelper.exe1 Pfad des fehlerhaften Moduls: StarsHelper.exe2 Berichtskennung: StarsHelper.exe3 Vollständiger Name des fehlerhaften Pakets: StarsHelper.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: StarsHelper.exe5 Error: (10/22/2013 05:35:18 PM) (Source: .NET Runtime) (User: ) Description: Anwendung: StarsHelper.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: StarsHelper.Code.Helpers.Win32Exception Stapel: bei StarsHelper.Code.Monitor.ClientWin32.ReadFromMemory(Byte[], UInt32) bei StarsHelper.Code.Monitor.ClientWin32.ReadMemDWord(UInt32, UInt32 ByRef) bei StarsHelper.Code.Monitor.BridgeS.ErrorMonitorWorker() bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (10/22/2013 03:18:21 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: pprekop.exe, Version:, Zeitstempel: 0xole32.dll Name des fehlerhaften Moduls: 5.1.2600.2182, Version: 10017bed, Zeitstempel: 0x%6 Ausnahmecode: 0x%7 Fehleroffset: 0x%8 ID des fehlerhaften Prozesses: 0x%9 
Startzeit der fehlerhaften Anwendung: 0xpprekop.exe0 Pfad der fehlerhaften Anwendung: pprekop.exe1 Pfad des fehlerhaften Moduls: pprekop.exe2 Berichtskennung: pprekop.exe3 Vollständiger Name des fehlerhaften Pakets: pprekop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pprekop.exe5 Error: (10/22/2013 03:08:34 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.16408, Zeitstempel: 0x523d251b Name des fehlerhaften Moduls: DropboxExt64.22.dll, Version:, Zeitstempel: 0x522fb12c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000008e77 ID des fehlerhaften Prozesses: 0xe64 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5 Error: (10/22/2013 02:06:35 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (10/22/2013 01:35:55 PM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Lizenzaktivierung (slui.exe). 
Fehlercode: hr=0x8007232B Befehlszeilenargumente: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable System errors: ============= Error: (10/28/2013 03:02:46 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/28/2013 03:02:46 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error: (10/27/2013 06:24:47 PM) (Source: DCOM) (User: MASTER) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (10/27/2013 06:24:47 PM) (Source: DCOM) (User: MASTER) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (10/27/2013 06:24:47 PM) (Source: DCOM) (User: MASTER) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (10/27/2013 06:24:47 PM) (Source: DCOM) (User: MASTER) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (10/27/2013 00:42:13 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/27/2013 00:42:13 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error: (10/23/2013 01:59:30 PM) (Source: volmgr) (User: ) Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen. 
Error: (10/23/2013 00:27:01 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Microsoft Office Sessions: ========================= Error: (10/26/2013 08:46:21 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (10/23/2013 01:59:39 PM) (Source: ATIeRecord)(User: ) Description: Error: (10/23/2013 01:59:37 PM) (Source: ATIeRecord)(User: ) Description: Error: (10/23/2013 01:48:09 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (10/22/2013 05:35:18 PM) (Source: Application Error)(User: ) Description: StarsHelper.exe1.0.0.84526344a8KERNELBASE.dll6.3.9600.16408523d4548e043435200012eeccc001cecf44640ca077C:\Users\H\Desktop\StarsHelper\StarsHelper.exeC:\Windows\SYSTEM32\KERNELBASE.dllef5f9854-3b37-11e3-8255-bc5ff42c75b4 Error: (10/22/2013 05:35:18 PM) (Source: .NET Runtime)(User: ) Description: Anwendung: StarsHelper.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: StarsHelper.Code.Helpers.Win32Exception Stapel: bei StarsHelper.Code.Monitor.ClientWin32.ReadFromMemory(Byte[], UInt32) bei StarsHelper.Code.Monitor.ClientWin32.ReadMemDWord(UInt32, UInt32 ByRef) bei StarsHelper.Code.Monitor.BridgeS.ErrorMonitorWorker() bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (10/22/2013 03:18:21 PM) (Source: Application Error)(User: ) Description: pprekop.exe4.2.0.172ole32.dll5.1.2600.218210017bed Error: (10/22/2013 03:08:34 PM) (Source: Application Error)(User: ) Description: Explorer.EXE6.3.9600.16408523d251bDropboxExt64.22.dll1.0.0.22522fb12cc00000050000000000008e77e6401cecf2c24603b13C:\Windows\Explorer.EXEC:\Users\H\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll6f9675fa-3b23-11e3-8250-bc5ff42c75b4 Error: (10/22/2013 02:06:35 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\eBay\Turbo Lister2\Tl.exe Error: (10/22/2013 01:35:55 PM) (Source: Software Protection Platform Service)(User: ) Description: hr=0x8007232BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable ==================== Memory info =========================== Percentage of memory in use: 22% Total physical RAM: 8079.56 MB Available physical RAM: 6283.43 MB Total Pagefile: 9999.56 MB Available Pagefile: 
6201.51 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.9 GB) (Free:81.71 GB) NTFS Drive d: (Speicher) (Fixed) (Total:1863.01 GB) (Free:353.69 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 3F122403) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 8E05A398) Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013 Ran by H (administrator) on MASTER on 28-10-2013 15:07:07 Running from C:\Users\H\Downloads Windows 8.1 Pro (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (AVAST Software) C:\Program Files\Avast\AvastSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe\LiveComm.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (AVAST Software) C:\Program Files\Avast\avastui.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiWorker.exe (Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe" Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20473504 2013-10-02] (Skype Technologies S.A.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-26] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Avast\avastui.exe [3567800 2013-10-22] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) Startup: C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\H\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D5B2BCB1FCFCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5 SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] Chrome: ======= CHR Extension: (Google Docs) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (Turn Off the Lights) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\ CHR Extension: (YouTube) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\ CHR Extension: (Yet another flags) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk\ CHR Extension: (Video Downloader professional) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.37_0 CHR Extension: (AdBlock) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0 CHR Extension: (avast! 
Online Security) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0 CHR Extension: (BugMeNot Lite) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\0.3.10_0 CHR Extension: (YouTube To MP3) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjjhpfeabmdlgllokffpjgbijpkpfdp\1.1_0 CHR Extension: (Premiumize.me) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm\0.0.16_0 CHR Extension: (Google Dictionary (by Google)) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0 CHR Extension: (Google Mail Checker) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\ CHR Extension: (Gmail) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Services (Whitelisted) ================= S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [533504 2013-09-14] (Microsoft Corporation) R3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1302016 2013-09-24] (Microsoft Corporation) R2 avast! 
Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2013-10-22] (AVAST Software) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2013-08-31] (Microsoft Corporation) S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [90464 2013-08-23] (Microsoft Corporation) R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation) S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation) S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1581568 2013-09-19] (Microsoft Corporation) R2 postgresql-x64-9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [x] ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [76800 2013-08-22] (Microsoft Corporation) S0 amdkmafd; 
C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-22] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-22] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-22] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-22] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-19] (Microsoft Corporation) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-23] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys 
[26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== NETSVC: lfsvc -> C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation) NETSVC: MsKeyboardFilter -> C:\Windows\System32\KeyboardFilterSvc.dll (Microsoft Corporation) ==================== One Month Created Files and Folders ======== 2013-10-28 15:07 - 2013-10-28 15:07 - 00000000 ____D C:\FRST 2013-10-28 15:06 - 2013-10-28 15:06 - 01956538 _____ (Farbar) C:\Users\H\Downloads\FRST64.exe 2013-10-28 15:05 - 2013-10-28 15:05 - 00377856 _____ C:\Users\H\Downloads\pwsjf110.exe 2013-10-27 18:28 - 2013-10-28 15:06 - 00034365 _____ C:\Windows\WindowsUpdate.log 2013-10-27 18:25 - 2013-10-27 18:25 - 00002982 _____ C:\Windows\PFRO.log 2013-10-27 18:22 - 2013-10-27 18:22 - 00000000 ____D C:\Users\H\Downloads\Rockchip_Batch_Tool_v1.7 2013-10-27 18:04 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\WinterSoft 2013-10-27 18:03 - 2013-10-27 18:09 - 00000000 ____D C:\Users\H\Downloads\treiber 2013-10-27 18:03 - 2013-10-27 18:06 - 00000000 ____D C:\ProgramData\Diownloada keeoPearr 2013-10-27 18:03 - 2013-10-27 18:06 - 00000000 ____D C:\ProgramData\88e5f17f07f338ab 2013-10-27 18:02 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\InstallMate 2013-10-27 17:44 - 2013-10-27 17:44 - 00000000 ____D C:\Users\H\Downloads\update_release03 2013-10-27 17:26 - 2013-10-27 17:44 - 283612513 _____ C:\Users\H\Downloads\update_release03.zip 2013-10-27 16:56 - 2013-10-27 16:56 - 40344091 _____ C:\Users\H\Downloads\mk808_mod.wmv 2013-10-27 16:09 - 2013-10-27 17:41 - 283608132 _____ C:\Users\H\Downloads\beta_JB_04.zip 2013-10-26 20:55 - 2013-10-26 20:55 - 00171522 _____ C:\Program Files (x86)\plugin.video.istream.ws (1).zip 2013-10-26 20:52 - 2013-10-26 20:52 - 00003998 _____ C:\Users\H\Desktop\XBMC.exe - Verknüpfung.lnk 2013-10-26 20:46 - 2013-10-26 20:57 - 00000000 ____D 
C:\Users\H\AppData\Roaming\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Program Files (x86)\XBMC 2013-10-26 20:46 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2013-10-26 20:46 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2013-10-26 20:43 - 2013-10-26 20:44 - 51965718 _____ C:\Users\H\Downloads\xbmc-12.2.exe 2013-10-24 19:32 - 2013-10-26 00:03 - 00000000 ____D C:\Users\H\Desktop\GesundheitsÖko 2013-10-24 12:03 - 2013-10-24 12:03 - 08354171 _____ C:\Users\H\Downloads\Frauentausch mit bvb fan uwe Video - Protofex - MyVideo.flv 2013-10-23 13:51 - 2013-10-23 13:51 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler 2013-10-23 13:48 - 2013-10-23 13:48 - 00000000 ____D C:\Users\H\AppData\Roaming\TuneUp Software 2013-10-23 13:47 - 2013-10-23 13:48 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-10-23 13:29 - 2013-10-23 13:50 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-10-23 13:21 - 2013-10-23 13:21 - 00000000 ____D C:\Windows\LastGood.Tmp 2013-10-22 23:18 - 2013-10-22 23:18 - 00015435 _____ C:\Users\H\Downloads\psid_2007_comp_meth.zip 2013-10-22 23:12 - 2013-10-22 23:12 - 00027978 _____ C:\Users\H\Downloads\GLUCKSY.zip 2013-10-22 17:20 - 2013-10-22 17:20 - 00000890 _____ C:\Users\H\Desktop\Downloads - Verknüpfung.lnk 2013-10-22 16:42 - 2013-10-22 16:42 - 00001058 _____ C:\Users\H\Desktop\StarsHelper.lnk 2013-10-22 16:39 - 2013-10-27 18:24 - 00000000 ____D C:\Users\H\AppData\Roaming\KeePass 2013-10-22 16:37 - 2013-10-22 16:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Browny02 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Brother 2013-10-22 16:31 - 
2013-10-22 16:31 - 00000000 ____D C:\Brother 2013-10-22 16:31 - 2012-06-05 07:59 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL 2013-10-22 16:31 - 2010-05-10 09:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE 2013-10-22 16:31 - 2010-02-05 03:42 - 00180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL 2013-10-22 16:31 - 2005-01-17 08:10 - 00045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL 2013-10-22 16:31 - 2004-08-09 08:00 - 00000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI 2013-10-22 16:31 - 2004-08-09 07:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL 2013-10-22 16:31 - 1999-10-26 17:00 - 00000050 _____ C:\Windows\system32\BRADM10A.DAT 2013-10-22 16:30 - 2013-10-22 16:31 - 00000000 ____D C:\ProgramData\Brother 2013-10-22 16:30 - 2013-10-22 16:30 - 00000000 ____D C:\Users\H\AppData\Roaming\InstallShield 2013-10-22 16:22 - 2013-10-22 16:22 - 00000000 ____D C:\ProgramData\Canneverbe Limited 2013-10-22 16:21 - 2013-10-22 16:21 - 00000000 ____D C:\Users\H\AppData\Roaming\OpenOffice 2013-10-22 16:19 - 2013-10-22 16:19 - 00000000 ____D C:\Program Files\7-Zip 2013-10-22 16:14 - 2013-10-22 16:15 - 00000000 ____D C:\Users\H\Documents\Calibre-Bibliothek 2013-10-22 16:14 - 2013-10-22 16:15 - 00000000 ____D C:\Users\H\AppData\Roaming\calibre 2013-10-22 16:14 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Local\calibre-cache 2013-10-22 16:11 - 2013-10-27 18:07 - 00000000 ____D C:\Users\H\AppData\Roaming\Media Player Classic 2013-10-22 15:57 - 2013-10-22 15:57 - 00000000 ____D C:\Users\H\AppData\Local\StarsHelper 2013-10-22 15:55 - 2013-10-22 15:55 - 00000956 _____ C:\Users\H\Desktop\Audio Converter.lnk 2013-10-22 15:55 - 2013-10-22 15:55 - 00000000 ____D C:\Program Files (x86)\Tools 2013-10-22 15:53 - 2013-10-22 15:55 - 30100565 _____ C:\Program Files (x86)\AudioConverterTools.ZIP 2013-10-22 15:33 - 2013-10-23 13:59 - 00000000 ____D C:\Users\postgres 2013-10-22 15:33 
- 2013-10-22 16:42 - 00000000 ____D C:\Users\H\Desktop\StarsHelper 2013-10-22 15:33 - 2013-10-22 15:33 - 00000020 ___SH C:\Users\postgres\ntuser.ini 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Vorlagen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Startmenü 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Netzwerkumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Lokale Einstellungen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Eigene Dateien 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Druckumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Bilder 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Verlauf 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Uni 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Txt 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\PostgreSQL 2013-10-22 15:33 - 2013-10-22 14:05 - 00000000 ____D C:\Users\postgres\AppData\Roaming\Macromedia 2013-10-22 15:33 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-10-22 15:33 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-22 15:33 - 2013-08-22 16:36 - 00000000 ___RD 
C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-10-22 15:33 - 2013-08-22 16:36 - 00000000 ____D C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-22 15:32 - 2013-10-22 23:50 - 00000138 _____ C:\Users\H\Desktop\Amazon Gutscheine.txt 2013-10-22 15:32 - 2012-11-07 00:13 - 04983296 _____ C:\Program Files (x86)\AudioConverter.exe 2013-10-22 15:31 - 2013-10-27 18:25 - 00036352 ___SH C:\Users\H\Desktop\Thumbs.db 2013-10-22 15:31 - 2013-10-22 11:47 - 00006094 _____ C:\Program Files (x86)\Keepass.kdbx 2013-10-22 15:31 - 2013-10-21 21:31 - 00000147 _____ C:\Users\H\Desktop\Neues Textdokument.txt 2013-10-22 15:31 - 2013-10-18 17:43 - 00014741 _____ C:\Users\H\Desktop\Bankgebühren.odt 2013-10-22 15:31 - 2013-10-16 12:39 - 00000112 _____ C:\Users\H\Desktop\Neues Textdokument (2).txt 2013-10-22 15:31 - 2012-10-28 12:22 - 00001346 _____ C:\Users\H\Desktop\Herunterfahren.lnk 2013-10-22 15:28 - 2013-10-22 15:49 - 00000000 ____D C:\Users\H\AppData\Local\PokerTracker 4 2013-10-22 15:28 - 2013-10-22 15:28 - 00005002 _____ C:\ProgramData\flwjycbm.bab 2013-10-22 15:28 - 2013-10-22 15:28 - 00001090 _____ C:\Users\H\Desktop\PokerTracker 4.lnk 2013-10-22 15:28 - 2013-10-22 15:28 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2013-10-22 15:27 - 2013-10-26 18:10 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4 2013-10-22 15:23 - 2013-10-22 15:23 - 00000814 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk 2013-10-22 15:23 - 2013-10-22 15:23 - 00000784 _____ C:\Users\H\Desktop\William Hill Poker.lnk 2013-10-22 15:22 - 2013-10-22 15:49 - 00000000 ____D C:\Users\H\AppData\Local\FullTiltPoker.eu 2013-10-22 15:22 - 2013-10-22 15:22 - 00000000 ____D C:\Users\H\AppData\Local\cache 2013-10-22 15:21 - 2013-10-22 17:38 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu 2013-10-22 15:21 - 2013-10-22 15:21 - 
00001094 _____ C:\Users\Public\Desktop\Full Tilt Poker.Eu.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000751 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000721 _____ C:\Users\H\Desktop\Poker 770.lnk 2013-10-22 15:19 - 2013-10-26 22:58 - 00000000 ____D C:\Users\H\AppData\Local\PokerStars.EU 2013-10-22 15:19 - 2013-10-22 16:22 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU 2013-10-22 15:19 - 2013-10-22 15:19 - 00001100 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk 2013-10-22 15:18 - 2013-10-22 15:23 - 00000000 ____D C:\Poker 2013-10-22 15:18 - 2013-10-22 15:21 - 00000772 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winner Poker.lnk 2013-10-22 15:18 - 2013-10-22 15:21 - 00000742 _____ C:\Users\H\Desktop\Winner Poker.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00001713 _____ C:\Users\H\Desktop\partypoker.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\Party 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\cef-cache 2013-10-22 15:17 - 2013-10-22 15:17 - 00000000 ____D C:\Program Files (x86)\Partypoker 2013-10-22 14:53 - 2013-10-22 14:53 - 00000000 ____D C:\Program Files\ffdshow 2013-10-22 14:52 - 2013-10-24 17:18 - 00000000 ____D C:\Users\H\AppData\Local\JDownloader 2.0 2013-10-22 14:52 - 2013-10-22 14:52 - 00002099 _____ C:\Users\H\Desktop\JDownloader 2.lnk 2013-10-22 14:52 - 2013-10-22 14:52 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2013-10-22 14:46 - 2013-10-22 14:46 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2013-10-22 14:45 - 2013-10-22 14:45 - 00000000 ____D C:\Users\H\Documents\ProcAlyzer Dumps 2013-10-22 14:43 - 2013-10-22 14:43 - 00005900 _____ C:\Users\H\Desktop\install.txt 2013-10-22 14:38 - 2013-10-22 14:39 - 00000000 ___RD C:\Windows\BrowserChoice 2013-10-22 14:38 - 2013-10-22 14:38 - 00000000 ____D C:\Program 
Files\Intel 2013-10-22 14:31 - 2013-10-22 14:31 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2013-10-22 14:31 - 2013-10-22 14:31 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2013-10-22 14:30 - 2013-10-22 14:30 - 00000000 ____D C:\Program Files (x86)\Biet-O-Matic 2013-10-22 14:30 - 2003-01-07 01:22 - 00015873 _____ C:\Windows\SysWOW64\Inetde.dll 2013-10-22 14:30 - 2000-12-05 22:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx 2013-10-22 14:30 - 2000-10-01 22:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6de.dll 2013-10-22 14:30 - 2000-05-22 14:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx 2013-10-22 14:30 - 2000-05-21 22:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscomctl.ocx 2013-10-22 14:30 - 2000-04-03 18:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll 2013-10-22 14:30 - 2000-04-03 18:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll 2013-10-22 14:30 - 1999-07-14 12:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll 2013-10-22 14:30 - 1998-07-05 22:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll 2013-10-22 14:30 - 1998-07-05 22:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll 2013-10-22 14:30 - 1998-06-23 22:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx 2013-10-22 14:29 - 2013-10-22 17:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-10-22 14:29 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2013-10-22 14:28 - 2013-10-22 14:46 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-10-22 14:26 - 2013-10-22 14:26 - 00000000 ____D C:\Program Files\Tracker Software 2013-10-22 14:24 - 2013-10-22 14:39 - 00000000 ____D C:\Users\H\AppData\Roaming\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 
___RD C:\Program Files (x86)\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\ProgramData\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-10-22 14:23 - 2013-10-22 14:23 - 00000000 ____D C:\Program Files (x86)\Veetle 2013-10-22 14:22 - 2013-10-22 17:19 - 00000000 ____D C:\Users\H\AppData\Roaming\Winamp 2013-10-22 14:22 - 2013-10-22 14:22 - 00000995 _____ C:\Users\Public\Desktop\Winamp.lnk 2013-10-22 14:22 - 2013-10-22 14:22 - 00000000 ____D C:\Program Files (x86)\Winamp 2013-10-22 14:21 - 2013-10-22 14:21 - 00002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-10-22 14:21 - 2013-10-22 14:21 - 00000000 ____D C:\Program Files\CCleaner 2013-10-22 14:19 - 2013-10-22 14:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-22 14:19 - 2013-10-22 14:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-22 14:19 - 2013-10-22 14:19 - 00000000 ____D C:\Users\H\AppData\Roaming\Malwarebytes 2013-10-22 14:18 - 2013-10-22 14:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-22 14:18 - 2013-10-22 14:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-22 14:18 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-22 14:17 - 2013-10-22 14:17 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2013-10-22 14:16 - 2013-10-22 14:16 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-22 14:16 - 2013-10-22 14:16 - 00000000 ____D C:\ProgramData\Sun 2013-10-22 14:16 - 2013-10-22 14:16 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-22 14:15 - 
2013-10-22 14:16 - 00000000 ____D C:\ProgramData\Oracle 2013-10-22 14:15 - 2013-10-22 14:15 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files\Java 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files\Image Resizer for Windows 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files (x86)\Image Resizer for Windows 2013-10-22 14:14 - 2013-10-22 14:14 - 00001714 _____ C:\Users\H\Desktop\MPC-HC x64.lnk 2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Program Files\MPC-HC 2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Program Files (x86)\Haali 2013-10-22 14:13 - 2013-10-22 14:13 - 00002232 _____ C:\Users\Public\Desktop\Google Earth.lnk 2013-10-22 14:11 - 2013-10-22 14:39 - 00000000 ____D C:\Users\H\AppData\Roaming\Dropbox 2013-10-22 14:11 - 2013-10-22 14:11 - 00001965 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Canneverbe Limited 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2013-10-22 14:10 - 2013-10-22 14:39 - 00000000 ____D C:\Program Files\Avast 2013-10-22 14:10 - 2013-10-22 14:10 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00409832 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswSP.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-10-22 14:10 - 2013-10-22 14:10 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-10-22 14:10 - 2013-10-22 14:10 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00000000 ____D C:\Users\H\AppData\Roaming\AVAST Software 2013-10-22 14:10 - 2013-10-22 14:10 - 00000000 ____D C:\Program Files\Calibre2 2013-10-22 14:09 - 2013-10-22 14:09 - 00000000 ____D C:\ProgramData\AVAST Software 2013-10-22 14:06 - 2013-10-22 14:06 - 00000394 _____ C:\InstallHelper.log 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\ProgramData\eBay 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\Program Files (x86)\eBay 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\H\AppData\Local\Adobe 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\ProgramData\Adobe 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-10-22 13:59 - 2013-10-22 14:42 - 00000000 ____D C:\Windows\Panther 2013-10-22 13:44 - 2013-09-26 13:08 - 00707560 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll 2013-10-22 13:44 - 2013-09-26 12:21 - 23213568 _____ (Microsoft 
Corporation) C:\Windows\system32\mshtml.dll 2013-10-22 13:44 - 2013-09-26 11:09 - 17143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-10-22 13:44 - 2013-09-26 10:37 - 02763776 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-22 13:44 - 2013-09-26 10:20 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe 2013-10-22 13:44 - 2013-09-26 09:46 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-22 13:44 - 2013-09-26 09:35 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-10-22 13:44 - 2013-09-26 09:24 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-10-22 13:44 - 2013-09-26 09:23 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-10-22 13:44 - 2013-09-26 08:58 - 12996096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-22 13:44 - 2013-09-26 08:42 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-10-22 13:44 - 2013-09-26 08:39 - 13172736 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2013-10-22 13:44 - 2013-09-26 08:37 - 11670528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2013-10-22 13:44 - 2013-09-26 08:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll 2013-10-22 13:44 - 2013-09-26 08:21 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-22 13:44 - 2013-09-26 08:14 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll 2013-10-22 13:44 - 2013-09-26 08:03 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2013-10-22 13:44 - 2013-09-26 07:54 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-22 13:44 - 2013-09-26 07:52 - 00476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2013-10-22 13:44 - 2013-09-26 07:51 - 00669184 _____ (Microsoft Corporation) 
C:\Windows\system32\SkyDriveTelemetry.dll 2013-10-22 13:44 - 2013-09-26 07:47 - 04079104 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2013-10-22 13:44 - 2013-09-26 07:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-10-22 13:44 - 2013-09-26 07:40 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-10-22 13:44 - 2013-09-26 07:37 - 02616832 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-10-22 13:44 - 2013-09-26 07:36 - 00867840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2013-10-22 13:44 - 2013-09-26 07:35 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2013-10-22 13:44 - 2013-09-26 07:34 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-10-22 13:44 - 2013-09-26 07:34 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll 2013-10-22 13:44 - 2013-09-26 07:34 - 00515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll 2013-10-22 13:44 - 2013-09-26 07:32 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2013-10-22 13:44 - 2013-09-26 07:30 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2013-10-22 13:44 - 2013-09-26 07:25 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2013-10-22 13:44 - 2013-09-25 11:25 - 00783504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2013-10-22 13:44 - 2013-09-25 09:58 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2013-10-22 13:44 - 2013-09-25 08:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll 2013-10-22 13:44 - 2013-09-25 06:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll 2013-10-22 13:44 - 2013-09-24 11:12 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys 2013-10-22 13:44 
- 2013-09-24 07:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe 2013-10-22 13:44 - 2013-09-24 06:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe 2013-10-22 13:44 - 2013-09-24 06:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2013-10-22 13:44 - 2013-09-24 06:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2013-10-22 13:44 - 2013-09-24 06:05 - 01245696 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2013-10-22 13:44 - 2013-09-24 06:05 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2013-10-22 13:44 - 2013-09-24 06:00 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2013-10-22 13:44 - 2013-09-24 05:35 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2013-10-22 13:44 - 2013-09-24 05:27 - 00919552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2013-10-22 13:44 - 2013-09-24 04:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll 2013-10-22 13:44 - 2013-09-24 04:50 - 01302016 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2013-10-22 13:44 - 2013-09-23 08:58 - 21195128 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-10-22 13:44 - 2013-09-23 07:13 - 18640456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-10-22 13:44 - 2013-09-23 03:39 - 02800640 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2013-10-22 13:44 - 2013-09-23 03:25 - 01019392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2013-10-22 13:44 - 2013-09-23 02:46 - 00409088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-10-22 13:44 - 2013-09-23 02:42 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 
2013-10-22 13:44 - 2013-09-21 13:10 - 00579416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2013-10-22 13:44 - 2013-09-21 13:10 - 00236376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2013-10-22 13:44 - 2013-09-21 13:10 - 00151384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2013-10-22 13:44 - 2013-09-21 12:50 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-10-22 13:44 - 2013-09-21 12:50 - 00528048 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2013-10-22 13:44 - 2013-09-21 12:48 - 00700352 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-10-22 13:44 - 2013-09-21 12:48 - 00534048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2013-10-22 13:44 - 2013-09-21 12:48 - 00358384 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll 2013-10-22 13:44 - 2013-09-21 12:48 - 00123480 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2013-10-22 13:44 - 2013-09-21 12:18 - 01109936 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-10-22 13:44 - 2013-09-21 12:05 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2013-10-22 13:44 - 2013-09-21 12:04 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2013-10-22 13:44 - 2013-09-21 12:04 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2013-10-22 13:44 - 2013-09-21 11:56 - 02555224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-10-22 13:44 - 2013-09-21 11:56 - 01119576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2013-10-22 13:44 - 2013-09-21 11:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-10-22 13:44 - 2013-09-21 11:54 - 02328328 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2013-10-22 13:44 - 2013-09-21 11:53 - 02131120 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 
2013-10-22 13:44 - 2013-09-21 11:53 - 01928656 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2013-10-22 13:44 - 2013-09-21 11:53 - 01534504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2013-10-22 13:44 - 2013-09-21 11:53 - 00996320 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2013-10-22 13:44 - 2013-09-21 11:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll 2013-10-22 13:44 - 2013-09-21 11:53 - 00482456 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2013-10-22 13:44 - 2013-09-21 11:53 - 00366688 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll 2013-10-22 13:44 - 2013-09-21 11:53 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2013-10-22 13:44 - 2013-09-21 11:51 - 01720552 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-10-22 13:44 - 2013-09-21 11:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-10-22 13:44 - 2013-09-21 10:37 - 02065960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2013-10-22 13:44 - 2013-09-21 10:23 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-10-22 13:44 - 2013-09-21 10:23 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2013-10-22 13:44 - 2013-09-21 10:23 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll 2013-10-22 13:44 - 2013-09-21 10:12 - 01370800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2013-10-22 13:44 - 2013-09-21 10:12 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2013-10-22 13:44 - 2013-09-21 10:09 - 02142424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2013-10-22 13:44 - 2013-09-21 10:09 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-10-22 13:44 - 2013-09-21 10:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2013-10-22 13:44 - 2013-09-21 10:09 - 00382224 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2013-10-22 13:44 - 2013-09-21 10:09 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll 2013-10-22 13:44 - 2013-09-21 09:01 - 04191744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-22 13:44 - 2013-09-21 08:58 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2013-10-22 13:44 - 2013-09-21 08:57 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2013-10-22 13:44 - 2013-09-21 08:56 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2013-10-22 13:44 - 2013-09-21 08:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys 2013-10-22 13:44 - 2013-09-21 08:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2013-10-22 13:44 - 2013-09-21 08:38 - 18576896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2013-10-22 13:44 - 2013-09-21 08:17 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe 2013-10-22 13:44 - 2013-09-21 08:06 - 13925888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2013-10-22 13:44 - 2013-09-21 08:05 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-10-22 13:44 - 2013-09-21 07:57 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-10-22 13:44 - 2013-09-21 07:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2013-10-22 13:44 - 2013-09-21 07:33 - 11366912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll 2013-10-22 13:44 - 2013-09-21 07:27 - 00911872 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll 2013-10-22 13:44 - 2013-09-21 07:06 - 01415168 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-10-22 13:44 - 2013-09-21 07:01 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll 2013-10-22 13:44 - 
2013-09-21 07:00 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2013-10-22 13:44 - 2013-09-21 06:59 - 00940544 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2013-10-22 13:44 - 2013-09-21 06:58 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2013-10-22 13:44 - 2013-09-21 06:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\livessp.dll 2013-10-22 13:44 - 2013-09-21 06:56 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2013-10-22 13:44 - 2013-09-21 06:50 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2013-10-22 13:44 - 2013-09-21 06:45 - 01102336 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-10-22 13:44 - 2013-09-21 06:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2013-10-22 13:44 - 2013-09-21 06:38 - 00365568 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2013-10-22 13:44 - 2013-09-21 06:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-10-22 13:44 - 2013-09-21 06:36 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2013-10-22 13:44 - 2013-09-21 06:34 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll 2013-10-22 13:44 - 2013-09-21 06:31 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2013-10-22 13:44 - 2013-09-21 06:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2013-10-22 13:44 - 2013-09-21 06:25 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll 2013-10-22 13:44 - 2013-09-21 06:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2013-10-22 13:44 - 2013-09-21 06:16 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2013-10-22 13:44 - 2013-09-21 06:13 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2013-10-22 13:44 - 2013-09-21 06:10 - 12028416 _____ (Microsoft 
Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2013-10-22 13:44 - 2013-09-21 06:09 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2013-10-22 13:44 - 2013-09-21 06:08 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2013-10-22 13:44 - 2013-09-21 06:05 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2013-10-22 13:44 - 2013-09-21 06:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2013-10-22 13:44 - 2013-09-21 05:58 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2013-10-22 13:44 - 2013-09-21 05:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2013-10-22 13:44 - 2013-09-21 05:49 - 04975104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2013-10-22 13:44 - 2013-09-21 05:48 - 07544320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2013-10-22 13:44 - 2013-09-21 05:45 - 02569728 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2013-10-22 13:44 - 2013-09-21 05:45 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2013-10-22 13:44 - 2013-09-21 05:44 - 01662464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2013-10-22 13:44 - 2013-09-21 05:42 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2013-10-22 13:44 - 2013-09-21 05:39 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2013-10-22 13:44 - 2013-09-21 05:38 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll 2013-10-22 13:44 - 2013-09-21 05:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll 2013-10-22 13:44 - 2013-09-21 05:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll 2013-10-22 13:44 - 2013-09-21 05:36 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll 
2013-10-22 13:44 - 2013-09-19 16:25 - 00039768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys 2013-10-22 13:44 - 2013-09-19 08:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersRes.dll 2013-10-22 13:44 - 2013-09-19 07:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll 2013-10-22 13:44 - 2013-09-19 07:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe 2013-10-22 13:44 - 2013-09-19 07:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll 2013-10-22 13:44 - 2013-09-19 07:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx 2013-10-22 13:44 - 2013-09-19 06:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll 2013-10-22 13:44 - 2013-09-19 06:43 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll 2013-10-22 13:44 - 2013-09-19 06:30 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2013-10-22 13:44 - 2013-09-19 06:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx 2013-10-22 13:44 - 2013-09-19 06:08 - 01150976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2013-10-22 13:44 - 2013-09-19 06:01 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll 2013-10-22 13:44 - 2013-09-19 05:49 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2013-10-22 13:44 - 2013-09-19 05:37 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2013-10-22 13:44 - 2013-09-19 05:32 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll 2013-10-22 13:44 - 2013-09-19 05:27 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll 2013-10-22 13:44 - 2013-09-19 05:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll 2013-10-22 13:44 - 2013-09-19 
05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2013-10-22 13:44 - 2013-09-19 05:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2013-10-22 13:44 - 2013-09-19 05:11 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll 2013-10-22 13:44 - 2013-09-19 05:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2013-10-22 13:44 - 2013-09-19 04:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll 2013-10-22 13:44 - 2013-09-19 04:55 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll 2013-10-22 13:44 - 2013-09-19 04:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2013-10-22 13:44 - 2013-09-19 04:32 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2013-10-22 13:44 - 2013-09-19 04:29 - 01581568 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2013-10-22 13:44 - 2013-09-17 10:18 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2013-10-22 13:44 - 2013-09-17 07:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2013-10-22 13:44 - 2013-09-17 06:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2013-10-22 13:44 - 2013-09-17 06:15 - 01225728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2013-10-22 13:44 - 2013-09-17 06:00 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll 2013-10-22 13:44 - 2013-09-17 05:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2013-10-22 13:44 - 2013-09-17 05:08 - 00738304 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll 2013-10-22 13:44 - 2013-09-17 04:28 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll 2013-10-22 13:44 - 2013-09-14 15:06 - 07401304 _____ (Microsoft Corporation) 
C:\Windows\system32\ntoskrnl.exe 2013-10-22 13:44 - 2013-09-14 15:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys 2013-10-22 13:44 - 2013-09-14 15:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL 2013-10-22 13:44 - 2013-09-14 12:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2013-10-22 13:44 - 2013-09-14 12:38 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys 2013-10-22 13:44 - 2013-09-14 09:35 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2013-10-22 13:44 - 2013-09-13 13:24 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2013-10-22 13:44 - 2013-09-13 13:14 - 00872328 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2013-10-22 13:44 - 2013-09-13 11:52 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2013-10-22 13:44 - 2013-09-13 10:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\SensorsClassExtension.dll 2013-10-22 13:44 - 2013-09-13 09:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll 2013-10-22 13:44 - 2013-09-13 09:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll 2013-10-22 13:44 - 2013-09-13 08:55 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll 2013-10-22 13:44 - 2013-09-13 08:30 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2013-10-22 13:44 - 2013-09-13 08:28 - 03524096 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2013-10-22 13:44 - 2013-09-12 13:33 - 06353952 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2013-10-22 13:44 - 2013-09-12 08:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2013-10-22 13:44 - 2013-09-11 13:46 - 00371032 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\spaceport.sys 2013-10-22 13:44 - 2013-09-11 10:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2013-10-22 13:44 - 2013-09-11 10:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2013-10-22 13:44 - 2013-09-11 08:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll 2013-10-22 13:44 - 2013-09-11 08:09 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2013-10-22 13:44 - 2013-09-10 04:39 - 06639104 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2013-10-22 13:44 - 2013-09-10 04:39 - 05769728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2013-10-22 13:44 - 2013-09-07 17:12 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2013-10-22 13:44 - 2013-09-07 17:12 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2013-10-22 13:44 - 2013-09-07 15:45 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2013-10-22 13:44 - 2013-09-07 15:45 - 00368736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2013-10-22 13:44 - 2013-09-07 13:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\fdprint.dll 2013-10-22 13:44 - 2013-09-07 13:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll 2013-10-22 13:44 - 2013-09-07 13:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll 2013-10-22 13:44 - 2013-09-07 12:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll 2013-10-22 13:44 - 2013-09-07 12:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll 2013-10-22 13:44 - 2013-09-07 12:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll 2013-10-22 13:44 - 2013-09-07 12:25 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll 2013-10-22 13:44 - 2013-09-07 12:22 - 00153600 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll 2013-10-22 13:44 - 2013-09-07 12:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2013-10-22 13:44 - 2013-09-07 12:11 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll 2013-10-22 13:44 - 2013-09-07 12:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll 2013-10-22 13:44 - 2013-09-07 11:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll 2013-10-22 13:44 - 2013-09-07 11:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll 2013-10-22 13:44 - 2013-09-05 08:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2013-10-22 13:44 - 2013-09-05 07:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe 2013-10-22 13:44 - 2013-09-05 06:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe 2013-10-22 13:44 - 2013-09-05 05:58 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll 2013-10-22 13:44 - 2013-09-05 05:39 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll 2013-10-22 13:44 - 2013-09-04 08:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll 2013-10-22 13:44 - 2013-09-04 07:16 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll 2013-10-22 13:44 - 2013-09-04 06:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll 2013-10-22 13:44 - 2013-09-04 06:45 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll 2013-10-22 13:44 - 2013-09-04 06:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\DscCoreConfProv.dll 2013-10-22 13:44 - 2013-09-04 06:04 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll 2013-10-22 13:44 - 2013-09-04 05:57 - 00199680 _____ (Microsoft Corporation) 
C:\Windows\system32\DscCore.dll 2013-10-22 13:44 - 2013-09-04 05:48 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2013-10-22 13:44 - 2013-09-04 05:35 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2013-10-22 13:44 - 2013-08-31 15:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll 2013-10-22 13:44 - 2013-08-31 13:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll 2013-10-22 13:44 - 2013-08-31 13:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll 2013-10-22 13:44 - 2013-08-31 11:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll 2013-10-22 13:44 - 2013-08-31 11:00 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll 2013-10-22 13:44 - 2013-08-31 10:36 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2013-10-22 13:44 - 2013-08-31 10:25 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll 2013-10-22 13:44 - 2013-08-31 10:12 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2013-10-22 13:44 - 2013-08-30 08:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll 2013-10-22 13:44 - 2013-08-28 09:03 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2013-10-22 13:44 - 2013-08-28 08:55 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe 2013-10-22 13:44 - 2013-08-28 08:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe 2013-10-22 13:44 - 2013-08-28 08:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll 2013-10-22 13:44 - 2013-08-28 08:04 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll 2013-10-22 13:44 - 2013-08-27 08:44 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys 2013-10-22 13:44 - 2013-08-27 07:09 - 00970752 _____ 
(Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2013-10-22 13:44 - 2013-08-27 06:42 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-10-22 13:44 - 2013-08-27 06:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2013-10-22 13:44 - 2013-08-27 06:10 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-10-22 13:43 - 2013-09-29 10:22 - 01641496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2013-10-22 13:43 - 2013-09-29 10:22 - 01506168 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2013-10-22 13:43 - 2013-09-29 10:22 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2013-10-22 13:43 - 2013-09-29 10:22 - 01344984 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2013-10-22 13:41 - 2013-10-03 15:07 - 01537880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-22 13:41 - 2013-10-03 15:07 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2013-10-22 13:41 - 2013-10-03 15:05 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2013-10-22 13:41 - 2013-10-03 15:05 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2013-10-22 13:41 - 2013-10-03 13:53 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-10-22 13:41 - 2013-10-03 13:53 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-10-22 13:41 - 2013-10-03 10:29 - 02144768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2013-10-22 13:41 - 2013-10-03 10:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll 2013-10-22 13:41 - 2013-10-03 10:07 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2013-10-22 13:41 - 2013-10-03 10:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll 2013-10-22 13:41 - 2013-10-02 12:00 - 01286552 
_____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2013-10-22 13:41 - 2013-10-02 10:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2013-10-22 13:41 - 2013-10-01 04:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2013-10-22 13:41 - 2013-10-01 04:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2013-10-22 13:41 - 2013-05-02 16:29 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Edited by hotte83 (28.10.2013 at 16:36)
#4
FRST second part: Code:
ATTFilter 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Roaming\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Local\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\ProgramData\ATI 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Program Files\Realtek 2013-10-22 13:34 - 2012-08-07 17:51 - 04102928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2013-10-22 13:34 - 2012-08-07 14:11 - 00329737 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2013-10-22 13:34 - 2012-08-06 14:44 - 01561744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2013-10-22 13:34 - 2012-08-06 10:49 - 02743440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2013-10-22 13:34 - 2012-08-03 17:18 - 01706640 ____N (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2013-10-22 13:34 - 2012-08-01 17:29 - 00109200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2013-10-22 13:34 - 2012-07-23 21:02 - 00626304 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll 2013-10-22 13:34 - 2012-07-23 21:02 - 00561792 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll 2013-10-22 13:34 - 2012-07-20 13:41 - 00880784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2013-10-22 13:34 - 2012-07-19 15:52 - 02028920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2013-10-22 13:34 - 2012-07-19 15:51 - 02080120 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2013-10-22 13:34 - 2012-07-19 15:51 - 00834936 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2013-10-22 13:34 - 2012-07-16 13:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-10-22 13:34 - 2012-07-02 14:39 - 01264272 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RTCOM64.dll 2013-10-22 13:34 - 2012-06-20 16:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-10-22 13:34 - 2012-06-08 15:23 - 00083072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll 2013-10-22 13:34 - 2012-06-08 15:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll 2013-10-22 13:34 - 2012-06-08 15:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll 2013-10-22 13:34 - 2012-04-10 13:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2013-10-22 13:34 - 2012-03-08 10:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2013-10-22 13:34 - 2012-03-08 10:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2013-10-22 13:34 - 2011-12-20 14:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2013-10-22 13:34 - 2011-11-22 15:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2013-10-22 13:34 - 2010-11-03 17:30 - 00149608 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkCfg64.dll 2013-10-22 13:34 - 2010-10-15 18:20 - 02261764 _____ C:\Windows\system32\Drivers\rtvienna.dat 2013-10-22 13:34 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2013-10-22 13:34 - 2009-11-18 06:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys 2013-10-22 13:28 - 2013-10-22 14:15 - 00000000 ____D C:\ProgramData\Package Cache 2013-10-22 13:28 - 2013-10-22 13:28 - 00061389 _____ C:\Windows\SysWOW64\CCCInstall_201310221428519465.log 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\ProgramData\AMD 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\ATI 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 _____ C:\Windows\ativpsrm.bin 2013-10-22 13:27 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\ATI Technologies 2013-10-22 13:18 - 2013-10-22 13:18 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA 2013-10-22 13:16 - 2013-10-22 16:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-22 13:16 - 2013-10-22 13:34 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-10-22 13:16 - 2012-07-30 23:04 - 00690832 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys 2013-10-22 13:16 - 2012-07-30 23:04 - 00074344 _____ (Realtek 
Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2013-10-22 13:15 - 2013-10-23 13:21 - 00000000 ____D C:\Program Files (x86)\Intel 2013-10-22 13:15 - 2012-09-14 08:59 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2013-10-22 13:12 - 2013-10-27 18:35 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4019318604-2835077012-2547861510-1001 2013-10-22 13:11 - 2013-10-28 15:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-22 13:11 - 2013-10-27 18:29 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-22 13:11 - 2013-10-27 18:16 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-22 13:11 - 2013-10-22 14:13 - 00000000 ____D C:\Users\H\AppData\Local\Google 2013-10-22 13:11 - 2013-10-22 14:13 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-22 13:11 - 2013-10-22 13:11 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-22 13:11 - 2013-10-22 13:11 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-22 13:11 - 2013-10-22 13:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Macromedia 2013-10-22 13:07 - 2013-10-28 15:02 - 00000000 __RDO C:\Users\H\SkyDrive 2013-10-22 13:07 - 2013-10-22 13:07 - 00000000 ____D C:\Users\H\AppData\Local\PackageStaging 2013-10-22 13:06 - 2013-10-23 09:59 - 00000000 ____D C:\Users\H\AppData\Local\Packages 2013-10-22 13:06 - 2013-10-22 16:38 - 00000000 ____D C:\Users\H\AppData\Local\VirtualStore 2013-10-22 13:06 - 2013-10-22 14:39 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-22 13:06 - 2013-10-22 14:39 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-22 13:06 - 2013-10-22 14:05 - 00000000 ____D C:\Users\H\AppData\Roaming\Adobe 2013-10-22 13:06 - 2013-10-22 13:06 - 00001454 _____ 
C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-22 13:05 - 2013-10-23 13:59 - 00000000 ____D C:\Users\H 2013-10-22 13:05 - 2013-10-22 13:05 - 00000020 ___SH C:\Users\H\ntuser.ini 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Vorlagen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Startmenü 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Netzwerkumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Lokale Einstellungen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Eigene Dateien 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Druckumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Musik 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Bilder 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Verlauf 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Anwendungsdaten 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Anwendungsdaten 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-22 13:04 - 2013-10-22 13:04 - 00000000 ____D C:\Windows\CSC 2013-10-22 13:04 - 2013-09-29 05:08 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 
2013-10-22 13:04 - 2013-09-29 05:00 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2013-10-22 13:04 - 2013-09-29 04:50 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-10-22 13:04 - 2013-09-29 04:44 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2013-10-22 13:04 - 2013-09-29 04:37 - 00837120 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2013-10-22 13:04 - 2013-09-29 04:28 - 00698880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2013-10-22 13:04 - 2013-08-22 06:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2013-10-22 13:00 
- 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-10-22 12:59 - 2013-10-22 12:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-10-03 22:43 - 2013-10-03 22:43 - 04067328 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 04010144 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa 2013-10-03 22:43 - 2013-10-03 22:43 - 02474832 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 01423520 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01123328 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 
00844760 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00750752 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00632480 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00598688 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00391128 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00344736 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00241664 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00214528 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00209056 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00193536 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3316.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00179712 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00176288 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00121504 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00094368 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00066560 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2013-10-03 22:43 - 
2013-10-03 22:43 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00044025 _____ C:\Windows\system32\iglhxo64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043494 _____ C:\Windows\system32\iglhxc64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043256 _____ C:\Windows\system32\iglhxg64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00002940 _____ C:\Windows\system32\iglhxs64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00001125 _____ C:\Windows\system32\iglhxa64.vp 2013-10-03 22:42 - 2013-10-03 22:42 - 25986048 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 20946944 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 13871616 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 13272576 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 12130304 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 11417600 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 07784448 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 07587800 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 06155264 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll 2013-10-03 22:42 - 2013-10-03 
22:42 - 04434432 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 04185600 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2013-10-03 22:42 - 2013-10-03 22:42 - 03524608 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 03292672 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02974208 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02384896 _____ C:\Windows\system32\GfxRes.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02064896 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 01814016 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00771032 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00769496 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00754648 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00623616 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00530392 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2013-10-03 22:42 
- 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 
2013-10-03 22:42 - 2013-10-03 22:42 - 00517120 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00513024 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00492032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00412160 _____ C:\Windows\system32\igdmd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00396248 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00393688 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00343040 _____ C:\Windows\SysWOW64\igdmd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2013-10-03 22:42 - 2013-10-03 22:42 - 00265030 _____ C:\Windows\system32\Gfxres.th-TH.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00251250 _____ C:\Windows\system32\Gfxres.el-GR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00233293 _____ C:\Windows\system32\Gfxres.ru-RU.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00223744 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00220672 _____ C:\Windows\system32\igdde64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00199323 _____ 
C:\Windows\system32\Gfxres.ar-SA.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00196855 _____ C:\Windows\system32\Gfxres.ja-JP.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00194048 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00190937 _____ C:\Windows\system32\Gfxres.he-IL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00180736 _____ C:\Windows\SysWOW64\igdde32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00179235 _____ C:\Windows\system32\Gfxres.ko-KR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00179170 _____ C:\Windows\system32\Gfxres.it-IT.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176818 _____ C:\Windows\system32\Gfxres.es-ES.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176555 _____ C:\Windows\system32\Gfxres.fr-FR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176526 _____ C:\Windows\system32\Gfxres.de-DE.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00175165 _____ C:\Windows\system32\Gfxres.ro-RO.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00174165 _____ C:\Windows\system32\Gfxres.hu-HU.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173876 _____ C:\Windows\system32\Gfxres.tr-TR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173626 _____ C:\Windows\system32\Gfxres.pl-PL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173401 _____ C:\Windows\system32\Gfxres.nl-NL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00172630 _____ C:\Windows\system32\Gfxres.pt-BR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171980 _____ C:\Windows\system32\Gfxres.fi-FI.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171631 _____ C:\Windows\system32\Gfxres.sk-SK.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171464 _____ C:\Windows\system32\Gfxres.sv-SE.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171207 _____ C:\Windows\system32\Gfxres.pt-PT.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00170928 _____ C:\Windows\system32\Gfxres.cs-CZ.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 
00170073 _____ C:\Windows\system32\Gfxres.hr-HR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00166591 _____ C:\Windows\system32\Gfxres.sl-SI.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00165303 _____ C:\Windows\system32\Gfxres.nb-NO.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00164653 _____ C:\Windows\system32\Gfxres.da-DK.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00160256 _____ C:\Windows\system32\igdail64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00159945 _____ C:\Windows\system32\Gfxres.en-US.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00158720 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00153231 _____ C:\Windows\system32\Gfxres.zh-TW.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00153048 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00151479 _____ C:\Windows\system32\Gfxres.zh-CN.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00149504 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00142848 _____ C:\Windows\SysWOW64\igdail32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00133120 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00128000 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2013-09-30 17:16 - 2013-09-26 22:35 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2013-09-30 17:16 - 2013-09-26 10:08 - 00039320 _____ (Intel Corporation) C:\Windows\system32\Drivers\intelaud.sys 2013-09-30 17:16 - 
2013-09-26 10:08 - 00027032 _____ (Intel Corporation) C:\Windows\system32\Drivers\iwdbus.sys

==================== One Month Modified Files and Folders =======

2013-10-28 15:07 - 2013-10-28 15:07 - 00000000 ____D C:\FRST
2013-10-28 15:06 - 2013-10-28 15:06 - 01956538 _____ (Farbar) C:\Users\H\Downloads\FRST64.exe
2013-10-28 15:06 - 2013-10-27 18:28 - 00034365 _____ C:\Windows\WindowsUpdate.log
2013-10-28 15:05 - 2013-10-28 15:05 - 00377856 _____ C:\Users\H\Downloads\pwsjf110.exe
2013-10-28 15:02 - 2013-10-22 13:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-28 15:02 - 2013-10-22 13:07 - 00000000 __RDO C:\Users\H\SkyDrive
2013-10-28 15:02 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-27 18:54 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-27 18:35 - 2013-10-22 13:12 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4019318604-2835077012-2547861510-1001
2013-10-27 18:29 - 2013-10-22 13:11 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-27 18:29 - 2013-08-23 00:24 - 00726688 _____ C:\Windows\system32\perfh007.dat
2013-10-27 18:29 - 2013-08-23 00:24 - 00151380 _____ C:\Windows\system32\perfc007.dat
2013-10-27 18:25 - 2013-10-27 18:25 - 00002982 _____ C:\Windows\PFRO.log
2013-10-27 18:25 - 2013-10-22 15:31 - 00036352 ___SH C:\Users\H\Desktop\Thumbs.db
2013-10-27 18:24 - 2013-10-22 16:39 - 00000000 ____D C:\Users\H\AppData\Roaming\KeePass
2013-10-27 18:22 - 2013-10-27 18:22 - 00000000 ____D C:\Users\H\Downloads\Rockchip_Batch_Tool_v1.7
2013-10-27 18:16 - 2013-10-22 13:11 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 18:09 - 2013-10-27 18:03 - 00000000 ____D C:\Users\H\Downloads\treiber
2013-10-27 18:07 - 2013-10-22 16:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Media Player Classic
2013-10-27 18:06 - 2013-10-27 18:03 - 00000000 ____D C:\ProgramData\Diownloada keeoPearr
2013-10-27 18:06 - 2013-10-27 18:03 - 
00000000 ____D C:\ProgramData\88e5f17f07f338ab 2013-10-27 18:04 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\WinterSoft 2013-10-27 18:04 - 2013-10-27 18:02 - 00000000 ____D C:\ProgramData\InstallMate 2013-10-27 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru 2013-10-27 17:44 - 2013-10-27 17:44 - 00000000 ____D C:\Users\H\Downloads\update_release03 2013-10-27 17:44 - 2013-10-27 17:26 - 283612513 _____ C:\Users\H\Downloads\update_release03.zip 2013-10-27 17:41 - 2013-10-27 16:09 - 283608132 _____ C:\Users\H\Downloads\beta_JB_04.zip 2013-10-27 16:56 - 2013-10-27 16:56 - 40344091 _____ C:\Users\H\Downloads\mk808_mod.wmv 2013-10-26 22:58 - 2013-10-22 15:19 - 00000000 ____D C:\Users\H\AppData\Local\PokerStars.EU 2013-10-26 20:57 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\XBMC 2013-10-26 20:55 - 2013-10-26 20:55 - 00171522 _____ C:\Program Files (x86)\plugin.video.istream.ws (1).zip 2013-10-26 20:52 - 2013-10-26 20:52 - 00003998 _____ C:\Users\H\Desktop\XBMC.exe - Verknüpfung.lnk 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Program Files (x86)\XBMC 2013-10-26 20:44 - 2013-10-26 20:43 - 51965718 _____ C:\Users\H\Downloads\xbmc-12.2.exe 2013-10-26 18:10 - 2013-10-22 15:27 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4 2013-10-26 00:03 - 2013-10-24 19:32 - 00000000 ____D C:\Users\H\Desktop\GesundheitsÖko 2013-10-25 16:19 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2013-10-24 17:18 - 2013-10-22 14:52 - 00000000 ____D C:\Users\H\AppData\Local\JDownloader 2.0 2013-10-24 12:03 - 2013-10-24 12:03 - 08354171 _____ C:\Users\H\Downloads\Frauentausch mit bvb fan uwe Video - Protofex - MyVideo.flv 2013-10-23 13:59 - 2013-10-22 15:33 - 00000000 ____D C:\Users\postgres 2013-10-23 13:59 - 2013-10-22 13:05 - 00000000 ____D C:\Users\H 2013-10-23 13:59 - 2013-08-22 14:25 - 52953088 _____ 
C:\Windows\system32\config\SOFTWARE_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 11272192 _____ C:\Windows\system32\config\SYSTEM_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00524288 _____ C:\Windows\system32\config\DEFAULT_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00262144 _____ C:\Windows\system32\config\SECURITY_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00262144 _____ C:\Windows\system32\config\SAM_tureg_old 2013-10-23 13:51 - 2013-10-23 13:51 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler 2013-10-23 13:50 - 2013-10-23 13:29 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-10-23 13:48 - 2013-10-23 13:48 - 00000000 ____D C:\Users\H\AppData\Roaming\TuneUp Software 2013-10-23 13:48 - 2013-10-23 13:47 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-10-23 13:21 - 2013-10-23 13:21 - 00000000 ____D C:\Windows\LastGood.Tmp 2013-10-23 13:21 - 2013-10-22 13:15 - 00000000 ____D C:\Program Files (x86)\Intel 2013-10-23 13:20 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-10-23 09:59 - 2013-10-22 13:06 - 00000000 ____D C:\Users\H\AppData\Local\Packages 2013-10-23 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2013-10-22 23:50 - 2013-10-22 15:32 - 00000138 _____ C:\Users\H\Desktop\Amazon Gutscheine.txt 2013-10-22 23:18 - 2013-10-22 23:18 - 00015435 _____ C:\Users\H\Downloads\psid_2007_comp_meth.zip 2013-10-22 23:12 - 2013-10-22 23:12 - 00027978 _____ C:\Users\H\Downloads\GLUCKSY.zip 2013-10-22 17:40 - 2013-10-22 14:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-10-22 17:38 - 2013-10-22 15:21 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu 2013-10-22 17:20 - 2013-10-22 17:20 - 00000890 _____ C:\Users\H\Desktop\Downloads - Verknüpfung.lnk 2013-10-22 17:19 - 2013-10-22 14:22 - 00000000 ____D C:\Users\H\AppData\Roaming\Winamp 2013-10-22 16:42 - 2013-10-22 16:42 - 00001058 _____ C:\Users\H\Desktop\StarsHelper.lnk 2013-10-22 
16:42 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\StarsHelper 2013-10-22 16:38 - 2013-10-22 13:06 - 00000000 ____D C:\Users\H\AppData\Local\VirtualStore 2013-10-22 16:37 - 2013-10-22 16:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Browny02 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Brother 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Brother 2013-10-22 16:31 - 2013-10-22 16:30 - 00000000 ____D C:\ProgramData\Brother 2013-10-22 16:30 - 2013-10-22 16:30 - 00000000 ____D C:\Users\H\AppData\Roaming\InstallShield 2013-10-22 16:30 - 2013-10-22 13:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-22 16:22 - 2013-10-22 16:22 - 00000000 ____D C:\ProgramData\Canneverbe Limited 2013-10-22 16:22 - 2013-10-22 15:19 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU 2013-10-22 16:21 - 2013-10-22 16:21 - 00000000 ____D C:\Users\H\AppData\Roaming\OpenOffice 2013-10-22 16:19 - 2013-10-22 16:19 - 00000000 ____D C:\Program Files\7-Zip 2013-10-22 16:15 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\Documents\Calibre-Bibliothek 2013-10-22 16:15 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Roaming\calibre 2013-10-22 16:14 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Local\calibre-cache 2013-10-22 15:57 - 2013-10-22 15:57 - 00000000 ____D C:\Users\H\AppData\Local\StarsHelper 2013-10-22 15:55 - 2013-10-22 15:55 - 00000956 _____ C:\Users\H\Desktop\Audio Converter.lnk 2013-10-22 15:55 - 2013-10-22 15:55 - 00000000 ____D C:\Program Files (x86)\Tools 2013-10-22 15:55 - 2013-10-22 15:53 - 30100565 _____ C:\Program Files (x86)\AudioConverterTools.ZIP 2013-10-22 15:49 - 2013-10-22 15:28 - 00000000 ____D C:\Users\H\AppData\Local\PokerTracker 4 2013-10-22 15:49 - 2013-10-22 15:22 - 00000000 ____D C:\Users\H\AppData\Local\FullTiltPoker.eu 2013-10-22 15:33 - 2013-10-22 15:33 
- 00000020 ___SH C:\Users\postgres\ntuser.ini 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Vorlagen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Startmenü 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Netzwerkumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Lokale Einstellungen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Eigene Dateien 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Druckumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Bilder 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Verlauf 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Uni 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Txt 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\PostgreSQL 2013-10-22 15:28 - 2013-10-22 15:28 - 00005002 _____ C:\ProgramData\flwjycbm.bab 2013-10-22 15:28 - 2013-10-22 15:28 - 00001090 _____ C:\Users\H\Desktop\PokerTracker 4.lnk 2013-10-22 15:28 - 2013-10-22 15:28 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2013-10-22 15:23 - 2013-10-22 15:23 - 00000814 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk 2013-10-22 15:23 - 2013-10-22 15:23 - 00000784 _____ C:\Users\H\Desktop\William Hill 
Poker.lnk 2013-10-22 15:23 - 2013-10-22 15:18 - 00000000 ____D C:\Poker 2013-10-22 15:22 - 2013-10-22 15:22 - 00000000 ____D C:\Users\H\AppData\Local\cache 2013-10-22 15:21 - 2013-10-22 15:21 - 00001094 _____ C:\Users\Public\Desktop\Full Tilt Poker.Eu.lnk 2013-10-22 15:21 - 2013-10-22 15:18 - 00000772 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winner Poker.lnk 2013-10-22 15:21 - 2013-10-22 15:18 - 00000742 _____ C:\Users\H\Desktop\Winner Poker.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000751 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000721 _____ C:\Users\H\Desktop\Poker 770.lnk 2013-10-22 15:19 - 2013-10-22 15:19 - 00001100 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00001713 _____ C:\Users\H\Desktop\partypoker.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\Party 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\cef-cache 2013-10-22 15:17 - 2013-10-22 15:17 - 00000000 ____D C:\Program Files (x86)\Partypoker 2013-10-22 14:53 - 2013-10-22 14:53 - 00000000 ____D C:\Program Files\ffdshow 2013-10-22 14:52 - 2013-10-22 14:52 - 00002099 _____ C:\Users\H\Desktop\JDownloader 2.lnk 2013-10-22 14:52 - 2013-10-22 14:52 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2013-10-22 14:46 - 2013-10-22 14:46 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2013-10-22 14:46 - 2013-10-22 14:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-10-22 14:45 - 2013-10-22 14:45 - 00000000 ____D C:\Users\H\Documents\ProcAlyzer Dumps 2013-10-22 14:43 - 2013-10-22 14:43 - 00005900 _____ C:\Users\H\Desktop\install.txt 2013-10-22 14:42 - 2013-10-22 13:59 - 00000000 ____D C:\Windows\Panther 2013-10-22 14:39 - 2013-10-22 14:38 - 00000000 ___RD C:\Windows\BrowserChoice 2013-10-22 14:39 - 2013-10-22 
14:24 - 00000000 ____D C:\Users\H\AppData\Roaming\Skype 2013-10-22 14:39 - 2013-10-22 14:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-22 14:39 - 2013-10-22 14:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-22 14:39 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Dropbox 2013-10-22 14:39 - 2013-10-22 14:10 - 00000000 ____D C:\Program Files\Avast 2013-10-22 14:39 - 2013-10-22 13:06 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-22 14:39 - 2013-10-22 13:06 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-22 14:39 - 2013-08-22 15:44 - 00360936 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-22 14:38 - 2013-10-22 14:38 - 00000000 ____D C:\Program Files\Intel 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\FileManager 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Camera 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism 2013-10-22 14:31 - 2013-10-22 14:31 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2013-10-22 14:31 - 2013-10-22 14:31 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2013-10-22 14:30 - 2013-10-22 14:30 - 00000000 ____D C:\Program Files (x86)\Biet-O-Matic 2013-10-22 14:26 - 2013-10-22 14:26 - 00000000 ____D C:\Program Files\Tracker Software 
2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\ProgramData\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-10-22 14:23 - 2013-10-22 14:23 - 00000000 ____D C:\Program Files (x86)\Veetle 2013-10-22 14:22 - 2013-10-22 14:22 - 00000995 _____ C:\Users\Public\Desktop\Winamp.lnk 2013-10-22 14:22 - 2013-10-22 14:22 - 00000000 ____D C:\Program Files (x86)\Winamp 2013-10-22 14:21 - 2013-10-22 14:21 - 00002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-10-22 14:21 - 2013-10-22 14:21 - 00000000 ____D C:\Program Files\CCleaner 2013-10-22 14:19 - 2013-10-22 14:19 - 00000000 ____D C:\Users\H\AppData\Roaming\Malwarebytes 2013-10-22 14:18 - 2013-10-22 14:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-22 14:18 - 2013-10-22 14:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-22 14:17 - 2013-10-22 14:17 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2013-10-22 14:16 - 2013-10-22 14:16 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-22 14:16 - 2013-10-22 14:16 - 00000000 ____D C:\ProgramData\Sun 2013-10-22 14:16 - 2013-10-22 14:16 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-22 14:16 - 2013-10-22 14:15 - 00000000 ____D C:\ProgramData\Oracle 2013-10-22 14:15 - 2013-10-22 14:15 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00189352 _____ (Oracle Corporation) 
|
| #5 |
/// the machine /// TB trainer | hi, scan with Combofix
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate, Guides and help, Trojaner-Board Facebook page
No help via PM! |
| #6 |
Hello, I cannot run ComboFix. I get the following error message: "ComboFix is not meant to run in "Compatibility Mode". The program shall now exit." |
#7
/// the machine /// TB trainer
Please download ![]()
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber
#8
First of all, thank you once again.
ADWCleaner and JRT
A note on ADW Cleaner: after the cleanup, the computer starts at normal speed again.
Code:
```
# AdwCleaner v3.010 - Bericht erstellt am 29/10/2013 um 17:25:32
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : H - MASTER
# Gestartet von : C:\Users\H\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Diownloada keeoPearr

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16384

-\\ Google Chrome v30.0.1599.101

[ Datei : C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [811 octets] - [29/10/2013 17:23:31]
AdwCleaner[S0].txt - [735 octets] - [29/10/2013 17:25:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [794 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8.1 Pro x64
Ran by H on 29.10.2013 at 17:27:15,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Chrome

Successfully deleted: [Folder] C:\Users\H\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.10.2013 at 17:29:48,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```

Here is FRST in two parts.
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013 Ran by H (administrator) on MASTER on 29-10-2013 18:19:10 Running from C:\Users\H\Downloads Windows 8.1 Pro (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AVAST Software) C:\Program Files\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (AVAST Software) C:\Program Files\Avast\avastui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe" Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20473504 2013-10-02] (Skype Technologies S.A.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-26] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Avast\avastui.exe [3567800 2013-10-22] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) Startup: C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\H\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D5B2BCB1FCFCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5 BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] Chrome: ======= CHR Extension: (Google Docs) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (Turn Off the Lights) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\ CHR Extension: (YouTube) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\ CHR Extension: (Yet another flags) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk\ CHR Extension: (Video Downloader professional) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.37_0 CHR Extension: (AdBlock) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0 CHR Extension: (avast! 
Online Security) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0 CHR Extension: (BugMeNot Lite) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\0.3.10_0 CHR Extension: (YouTube To MP3) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjjhpfeabmdlgllokffpjgbijpkpfdp\1.1_0 CHR Extension: (Premiumize.me) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm\0.0.16_0 CHR Extension: (Google Dictionary (by Google)) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0 CHR Extension: (Google Mail Checker) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0 CHR Extension: (Gmail) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Services (Whitelisted) ================= S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [533504 2013-09-14] (Microsoft Corporation) S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1302016 2013-09-24] (Microsoft Corporation) R2 avast! 
Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2013-10-22] (AVAST Software) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2013-08-31] (Microsoft Corporation) S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [90464 2013-08-23] (Microsoft Corporation) R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation) S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation) S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1581568 2013-09-19] (Microsoft Corporation) R2 postgresql-x64-9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [x] ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [76800 2013-08-22] (Microsoft Corporation) S0 amdkmafd; 
C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-22] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-22] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-22] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-22] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-19] (Microsoft Corporation) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-23] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys 
[26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== NETSVC: lfsvc -> C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation) NETSVC: MsKeyboardFilter -> C:\Windows\System32\KeyboardFilterSvc.dll (Microsoft Corporation) ==================== One Month Created Files and Folders ======== 2013-10-29 10:54 - 2013-10-23 12:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2013-10-29 10:54 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2013-10-29 10:34 - 2013-10-29 10:35 - 00000000 ___SD C:\32788R22FWJFW 2013-10-29 10:32 - 2013-10-29 10:32 - 00000000 ____D C:\Windows\erdnt 2013-10-29 10:31 - 2013-10-29 10:31 - 05137071 ____R (Swearware) C:\Users\H\Desktop\ComboFix.exe 2013-10-29 10:27 - 2013-10-29 10:27 - 00000000 ____D C:\Windows\ERUNT 2013-10-29 10:23 - 2013-10-29 10:25 - 00000000 ____D C:\AdwCleaner 2013-10-29 10:17 - 2013-10-29 10:23 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-29 10:17 - 2013-10-29 10:17 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2013-10-29 10:17 - 2013-10-29 10:17 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-29 10:16 - 2013-10-29 10:16 - 12576792 _____ (Malwarebytes Corp.) 
C:\Users\H\Downloads\mbar- 2013-10-29 10:15 - 2013-10-29 10:16 - 01033335 _____ (Thisisu) C:\Users\H\Downloads\JRT.exe 2013-10-29 10:15 - 2013-10-29 10:15 - 01060070 _____ C:\Users\H\Downloads\adwcleaner.exe 2013-10-28 16:08 - 2013-10-28 16:08 - 00032733 _____ C:\Users\H\Downloads\Logfiles (1).zip 2013-10-28 15:36 - 2013-10-28 15:36 - 00032733 _____ C:\Users\H\Downloads\Logfiles.zip 2013-10-28 15:31 - 2013-10-28 15:31 - 00000236 _____ C:\Users\H\Downloads\defogger_enable.log 2013-10-28 15:30 - 2013-10-28 15:30 - 00050477 _____ C:\Users\H\Downloads\Defogger.exe 2013-10-28 15:30 - 2013-10-28 15:30 - 00000464 _____ C:\Users\H\Downloads\defogger_disable.log 2013-10-28 15:25 - 2013-10-28 15:25 - 00052979 _____ C:\Users\H\Downloads\Gmer.txt 2013-10-28 15:17 - 2013-10-29 10:31 - 00002451 _____ C:\Users\H\Desktop\Neues Textdokument (3).txt 2013-10-28 15:07 - 2013-10-28 15:08 - 00022242 _____ C:\Users\H\Downloads\Addition.txt 2013-10-28 15:07 - 2013-10-28 15:07 - 00000000 ____D C:\FRST 2013-10-28 15:06 - 2013-10-28 15:06 - 01956538 _____ (Farbar) C:\Users\H\Downloads\FRST64.exe 2013-10-28 15:05 - 2013-10-28 15:05 - 00377856 _____ C:\Users\H\Downloads\pwsjf110.exe 2013-10-27 18:28 - 2013-10-29 17:27 - 00230513 _____ C:\Windows\WindowsUpdate.log 2013-10-27 18:25 - 2013-10-27 18:25 - 00002982 _____ C:\Windows\PFRO.log 2013-10-27 18:22 - 2013-10-27 18:22 - 00000000 ____D C:\Users\H\Downloads\Rockchip_Batch_Tool_v1.7 2013-10-27 18:04 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\WinterSoft 2013-10-27 18:03 - 2013-10-27 18:09 - 00000000 ____D C:\Users\H\Downloads\treiber 2013-10-27 18:03 - 2013-10-27 18:06 - 00000000 ____D C:\ProgramData\88e5f17f07f338ab 2013-10-27 18:02 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\InstallMate 2013-10-27 17:44 - 2013-10-27 17:44 - 00000000 ____D C:\Users\H\Downloads\update_release03 2013-10-27 17:26 - 2013-10-27 17:44 - 283612513 _____ C:\Users\H\Downloads\update_release03.zip 2013-10-27 16:56 - 2013-10-27 16:56 - 40344091 _____ 
C:\Users\H\Downloads\mk808_mod.wmv 2013-10-27 16:09 - 2013-10-27 17:41 - 283608132 _____ C:\Users\H\Downloads\beta_JB_04.zip 2013-10-26 20:55 - 2013-10-26 20:55 - 00171522 _____ C:\Program Files (x86)\plugin.video.istream.ws (1).zip 2013-10-26 20:52 - 2013-10-26 20:52 - 00003998 _____ C:\Users\H\Desktop\XBMC.exe - Verknüpfung.lnk 2013-10-26 20:46 - 2013-10-26 20:57 - 00000000 ____D C:\Users\H\AppData\Roaming\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Program Files (x86)\XBMC 2013-10-26 20:46 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2013-10-26 20:46 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2013-10-26 20:43 - 2013-10-26 20:44 - 51965718 _____ C:\Users\H\Downloads\xbmc-12.2.exe 2013-10-24 19:32 - 2013-10-26 00:03 - 00000000 ____D C:\Users\H\Desktop\GesundheitsÖko 2013-10-24 12:03 - 2013-10-24 12:03 - 08354171 _____ C:\Users\H\Downloads\Frauentausch mit bvb fan uwe Video - Protofex - MyVideo.flv 2013-10-23 13:51 - 2013-10-23 13:51 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler 2013-10-23 13:48 - 2013-10-23 13:48 - 00000000 ____D C:\Users\H\AppData\Roaming\TuneUp Software 2013-10-23 13:47 - 2013-10-23 13:48 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-10-23 13:29 - 2013-10-23 13:50 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-10-22 23:18 - 2013-10-22 23:18 - 00015435 _____ C:\Users\H\Downloads\psid_2007_comp_meth.zip 2013-10-22 23:12 - 2013-10-22 23:12 - 00027978 _____ C:\Users\H\Downloads\GLUCKSY.zip 2013-10-22 17:20 - 2013-10-22 17:20 - 00000890 _____ C:\Users\H\Desktop\Downloads - Verknüpfung.lnk 2013-10-22 16:42 - 2013-10-22 16:42 - 00001058 _____ C:\Users\H\Desktop\StarsHelper.lnk 2013-10-22 16:39 - 2013-10-29 01:06 - 00000000 ____D 
C:\Users\H\AppData\Roaming\KeePass 2013-10-22 16:37 - 2013-10-22 16:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Browny02 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Brother 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Brother 2013-10-22 16:31 - 2012-06-05 07:59 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL 2013-10-22 16:31 - 2010-05-10 09:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE 2013-10-22 16:31 - 2010-02-05 03:42 - 00180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL 2013-10-22 16:31 - 2005-01-17 08:10 - 00045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL 2013-10-22 16:31 - 2004-08-09 08:00 - 00000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI 2013-10-22 16:31 - 2004-08-09 07:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL 2013-10-22 16:31 - 1999-10-26 17:00 - 00000050 _____ C:\Windows\system32\BRADM10A.DAT 2013-10-22 16:30 - 2013-10-22 16:31 - 00000000 ____D C:\ProgramData\Brother 2013-10-22 16:30 - 2013-10-22 16:30 - 00000000 ____D C:\Users\H\AppData\Roaming\InstallShield 2013-10-22 16:22 - 2013-10-22 16:22 - 00000000 ____D C:\ProgramData\Canneverbe Limited 2013-10-22 16:21 - 2013-10-22 16:21 - 00000000 ____D C:\Users\H\AppData\Roaming\OpenOffice 2013-10-22 16:19 - 2013-10-22 16:19 - 00000000 ____D C:\Program Files\7-Zip 2013-10-22 16:14 - 2013-10-22 16:15 - 00000000 ____D C:\Users\H\Documents\Calibre-Bibliothek 2013-10-22 16:14 - 2013-10-22 16:15 - 00000000 ____D C:\Users\H\AppData\Roaming\calibre 2013-10-22 16:14 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Local\calibre-cache 2013-10-22 16:11 - 2013-10-28 15:57 - 00000000 ____D C:\Users\H\AppData\Roaming\Media Player Classic 2013-10-22 15:57 - 2013-10-22 15:57 - 00000000 ____D C:\Users\H\AppData\Local\StarsHelper 2013-10-22 15:55 - 
2013-10-22 15:55 - 00000956 _____ C:\Users\H\Desktop\Audio Converter.lnk 2013-10-22 15:55 - 2013-10-22 15:55 - 00000000 ____D C:\Program Files (x86)\Tools 2013-10-22 15:53 - 2013-10-22 15:55 - 30100565 _____ C:\Program Files (x86)\AudioConverterTools.ZIP 2013-10-22 15:33 - 2013-10-23 13:59 - 00000000 ____D C:\Users\postgres 2013-10-22 15:33 - 2013-10-22 16:42 - 00000000 ____D C:\Users\H\Desktop\StarsHelper 2013-10-22 15:33 - 2013-10-22 15:33 - 00000020 ___SH C:\Users\postgres\ntuser.ini 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Vorlagen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Startmenü 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Netzwerkumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Lokale Einstellungen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Eigene Dateien 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Druckumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Bilder 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Verlauf 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Uni 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Txt 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\PostgreSQL 2013-10-22 15:33 - 2013-10-22 14:05 - 00000000 ____D 
C:\Users\postgres\AppData\Roaming\Macromedia 2013-10-22 15:33 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-10-22 15:33 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-22 15:33 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-10-22 15:33 - 2013-08-22 16:36 - 00000000 ____D C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-22 15:32 - 2013-10-22 23:50 - 00000138 _____ C:\Users\H\Desktop\Amazon Gutscheine.txt 2013-10-22 15:32 - 2012-11-07 00:13 - 04983296 _____ C:\Program Files (x86)\AudioConverter.exe 2013-10-22 15:31 - 2013-10-27 18:25 - 00036352 ___SH C:\Users\H\Desktop\Thumbs.db 2013-10-22 15:31 - 2013-10-22 11:47 - 00006094 _____ C:\Program Files (x86)\Keepass.kdbx 2013-10-22 15:31 - 2013-10-21 21:31 - 00000147 _____ C:\Users\H\Desktop\Neues Textdokument.txt 2013-10-22 15:31 - 2013-10-18 17:43 - 00014741 _____ C:\Users\H\Desktop\Bankgebühren.odt 2013-10-22 15:31 - 2013-10-16 12:39 - 00000112 _____ C:\Users\H\Desktop\Neues Textdokument (2).txt 2013-10-22 15:31 - 2012-10-28 12:22 - 00001346 _____ C:\Users\H\Desktop\Herunterfahren.lnk 2013-10-22 15:28 - 2013-10-22 15:49 - 00000000 ____D C:\Users\H\AppData\Local\PokerTracker 4 2013-10-22 15:28 - 2013-10-22 15:28 - 00005002 _____ C:\ProgramData\flwjycbm.bab 2013-10-22 15:28 - 2013-10-22 15:28 - 00001090 _____ C:\Users\H\Desktop\PokerTracker 4.lnk 2013-10-22 15:28 - 2013-10-22 15:28 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2013-10-22 15:27 - 2013-10-28 19:39 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4 2013-10-22 15:23 - 2013-10-22 15:23 - 00000814 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk 2013-10-22 15:23 - 2013-10-22 15:23 - 
00000784 _____ C:\Users\H\Desktop\William Hill Poker.lnk 2013-10-22 15:22 - 2013-10-22 15:49 - 00000000 ____D C:\Users\H\AppData\Local\FullTiltPoker.eu 2013-10-22 15:22 - 2013-10-22 15:22 - 00000000 ____D C:\Users\H\AppData\Local\cache 2013-10-22 15:21 - 2013-10-22 17:38 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu 2013-10-22 15:21 - 2013-10-22 15:21 - 00001094 _____ C:\Users\Public\Desktop\Full Tilt Poker.Eu.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000751 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000721 _____ C:\Users\H\Desktop\Poker 770.lnk 2013-10-22 15:19 - 2013-10-29 10:11 - 00000000 ____D C:\Users\H\AppData\Local\PokerStars.EU 2013-10-22 15:19 - 2013-10-22 16:22 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU 2013-10-22 15:19 - 2013-10-22 15:19 - 00001100 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk 2013-10-22 15:18 - 2013-10-22 15:23 - 00000000 ____D C:\Poker 2013-10-22 15:18 - 2013-10-22 15:21 - 00000772 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winner Poker.lnk 2013-10-22 15:18 - 2013-10-22 15:21 - 00000742 _____ C:\Users\H\Desktop\Winner Poker.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00001713 _____ C:\Users\H\Desktop\partypoker.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\Party 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\cef-cache 2013-10-22 15:17 - 2013-10-22 15:17 - 00000000 ____D C:\Program Files (x86)\Partypoker 2013-10-22 14:53 - 2013-10-22 14:53 - 00000000 ____D C:\Program Files\ffdshow 2013-10-22 14:52 - 2013-10-28 18:34 - 00000000 ____D C:\Users\H\AppData\Local\JDownloader 2.0 2013-10-22 14:52 - 2013-10-22 14:52 - 00002099 _____ C:\Users\H\Desktop\JDownloader 2.lnk 2013-10-22 14:52 - 2013-10-22 14:52 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2013-10-22 14:46 - 2013-10-22 14:46 - 
00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2013-10-22 14:45 - 2013-10-22 14:45 - 00000000 ____D C:\Users\H\Documents\ProcAlyzer Dumps 2013-10-22 14:43 - 2013-10-22 14:43 - 00005900 _____ C:\Users\H\Desktop\install.txt 2013-10-22 14:38 - 2013-10-22 14:39 - 00000000 ___RD C:\Windows\BrowserChoice 2013-10-22 14:38 - 2013-10-22 14:38 - 00000000 ____D C:\Program Files\Intel 2013-10-22 14:31 - 2013-10-22 14:31 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2013-10-22 14:31 - 2013-10-22 14:31 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2013-10-22 14:30 - 2013-10-22 14:30 - 00000000 ____D C:\Program Files (x86)\Biet-O-Matic 2013-10-22 14:30 - 2003-01-07 01:22 - 00015873 _____ C:\Windows\SysWOW64\Inetde.dll 2013-10-22 14:30 - 2000-12-05 22:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx 2013-10-22 14:30 - 2000-10-01 22:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6de.dll 2013-10-22 14:30 - 2000-05-22 14:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx 2013-10-22 14:30 - 2000-05-21 22:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscomctl.ocx 2013-10-22 14:30 - 2000-04-03 18:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll 2013-10-22 14:30 - 2000-04-03 18:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll 2013-10-22 14:30 - 1999-07-14 12:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll 2013-10-22 14:30 - 1998-07-05 22:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll 2013-10-22 14:30 - 1998-07-05 22:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll 2013-10-22 14:30 - 1998-06-23 22:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx 2013-10-22 14:29 - 2013-10-22 17:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-10-22 14:29 - 2013-09-20 09:49 - 00021040 _____ (Safer 
#9
Code:
ATTFilter C:\Windows\system32\MpSigStub.exe 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Roaming\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Local\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\ProgramData\ATI 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Program Files\Realtek 2013-10-22 13:34 - 2012-08-07 17:51 - 04102928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2013-10-22 13:34 - 2012-08-07 14:11 - 00329737 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2013-10-22 13:34 - 2012-08-06 14:44 - 01561744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2013-10-22 13:34 - 2012-08-06 10:49 - 02743440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2013-10-22 13:34 - 2012-08-03 17:18 - 01706640 ____N (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2013-10-22 13:34 - 2012-08-01 17:29 - 00109200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2013-10-22 13:34 - 2012-07-23 21:02 - 00626304 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll 2013-10-22 13:34 - 2012-07-23 21:02 - 00561792 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll 2013-10-22 13:34 - 2012-07-20 13:41 - 00880784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2013-10-22 13:34 - 2012-07-19 15:52 - 02028920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2013-10-22 13:34 - 2012-07-19 15:51 - 02080120 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2013-10-22 13:34 - 2012-07-19 15:51 - 00834936 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2013-10-22 13:34 - 2012-07-16 13:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-10-22 13:34 - 2012-07-02 14:39 - 01264272 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RTCOM64.dll 2013-10-22 13:34 - 2012-06-20 16:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-10-22 13:34 - 2012-06-08 15:23 - 00083072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll 2013-10-22 13:34 - 2012-06-08 15:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll 2013-10-22 13:34 - 2012-06-08 15:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll 2013-10-22 13:34 - 2012-04-10 13:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2013-10-22 13:34 - 2012-03-08 10:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2013-10-22 13:34 - 2012-03-08 10:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2013-10-22 13:34 - 2011-12-20 14:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2013-10-22 13:34 - 2011-11-22 15:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2013-10-22 13:34 - 2010-11-03 17:30 - 00149608 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkCfg64.dll 2013-10-22 13:34 - 2010-10-15 18:20 - 02261764 _____ C:\Windows\system32\Drivers\rtvienna.dat 2013-10-22 13:34 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2013-10-22 13:34 - 2009-11-18 06:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys 2013-10-22 13:28 - 2013-10-22 14:15 - 00000000 ____D C:\ProgramData\Package Cache 2013-10-22 13:28 - 2013-10-22 13:28 - 00061389 _____ C:\Windows\SysWOW64\CCCInstall_201310221428519465.log 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\ProgramData\AMD 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\ATI 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 _____ C:\Windows\ativpsrm.bin 2013-10-22 13:27 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\ATI Technologies 2013-10-22 13:18 - 2013-10-22 13:18 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA 2013-10-22 13:16 - 2013-10-22 16:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-22 13:16 - 2013-10-22 13:34 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-10-22 13:16 - 2012-07-30 23:04 - 00690832 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys 2013-10-22 13:16 - 2012-07-30 23:04 - 00074344 _____ (Realtek 
Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2013-10-22 13:15 - 2013-10-23 13:21 - 00000000 ____D C:\Program Files (x86)\Intel 2013-10-22 13:15 - 2012-09-14 08:59 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2013-10-22 13:12 - 2013-10-29 17:33 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4019318604-2835077012-2547861510-1001 2013-10-22 13:11 - 2013-10-29 18:16 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-22 13:11 - 2013-10-29 17:14 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-22 13:11 - 2013-10-29 17:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-22 13:11 - 2013-10-22 14:13 - 00000000 ____D C:\Users\H\AppData\Local\Google 2013-10-22 13:11 - 2013-10-22 14:13 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-22 13:11 - 2013-10-22 13:11 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-22 13:11 - 2013-10-22 13:11 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-22 13:11 - 2013-10-22 13:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Macromedia 2013-10-22 13:07 - 2013-10-29 17:09 - 00000000 __RDO C:\Users\H\SkyDrive 2013-10-22 13:07 - 2013-10-22 13:07 - 00000000 ____D C:\Users\H\AppData\Local\PackageStaging 2013-10-22 13:06 - 2013-10-23 09:59 - 00000000 ____D C:\Users\H\AppData\Local\Packages 2013-10-22 13:06 - 2013-10-22 16:38 - 00000000 ____D C:\Users\H\AppData\Local\VirtualStore 2013-10-22 13:06 - 2013-10-22 14:39 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-22 13:06 - 2013-10-22 14:39 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-22 13:06 - 2013-10-22 14:05 - 00000000 ____D C:\Users\H\AppData\Roaming\Adobe 2013-10-22 13:06 - 2013-10-22 13:06 - 00001454 _____ 
C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-22 13:05 - 2013-10-28 15:31 - 00000000 ____D C:\Users\H 2013-10-22 13:05 - 2013-10-22 13:05 - 00000020 ___SH C:\Users\H\ntuser.ini 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Vorlagen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Startmenü 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Netzwerkumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Lokale Einstellungen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Eigene Dateien 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Druckumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Musik 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Bilder 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Verlauf 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Anwendungsdaten 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Anwendungsdaten 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-22 13:04 - 2013-10-22 13:04 - 00000000 ____D C:\Windows\CSC 2013-10-22 13:04 - 2013-09-29 05:08 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 
2013-10-22 13:04 - 2013-09-29 05:00 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2013-10-22 13:04 - 2013-09-29 04:50 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-10-22 13:04 - 2013-09-29 04:44 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2013-10-22 13:04 - 2013-09-29 04:37 - 00837120 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2013-10-22 13:04 - 2013-09-29 04:28 - 00698880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2013-10-22 13:04 - 2013-08-22 06:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2013-10-22 13:00 
- 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-10-22 12:59 - 2013-10-22 12:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-10-03 22:43 - 2013-10-03 22:43 - 04067328 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 04010144 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa 2013-10-03 22:43 - 2013-10-03 22:43 - 02474832 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 01423520 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01123328 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 
00844760 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00750752 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00632480 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00598688 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00391128 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00344736 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00241664 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00214528 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00209056 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00193536 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3316.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00179712 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00176288 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00121504 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00094368 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00066560 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2013-10-03 22:43 - 
2013-10-03 22:43 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00044025 _____ C:\Windows\system32\iglhxo64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043494 _____ C:\Windows\system32\iglhxc64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043256 _____ C:\Windows\system32\iglhxg64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00002940 _____ C:\Windows\system32\iglhxs64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00001125 _____ C:\Windows\system32\iglhxa64.vp 2013-10-03 22:42 - 2013-10-03 22:42 - 25986048 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 20946944 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 13871616 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 13272576 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 12130304 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 11417600 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 07784448 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 07587800 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 06155264 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll 2013-10-03 22:42 - 2013-10-03 
22:42 - 04434432 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 04185600 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2013-10-03 22:42 - 2013-10-03 22:42 - 03524608 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 03292672 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02974208 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02384896 _____ C:\Windows\system32\GfxRes.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02064896 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 01814016 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00771032 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00769496 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00754648 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00623616 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00530392 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2013-10-03 22:42 
- 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 
2013-10-03 22:42 - 2013-10-03 22:42 - 00517120 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00513024 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00492032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00412160 _____ C:\Windows\system32\igdmd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00396248 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00393688 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00343040 _____ C:\Windows\SysWOW64\igdmd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2013-10-03 22:42 - 2013-10-03 22:42 - 00265030 _____ C:\Windows\system32\Gfxres.th-TH.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00251250 _____ C:\Windows\system32\Gfxres.el-GR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00233293 _____ C:\Windows\system32\Gfxres.ru-RU.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00223744 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00220672 _____ C:\Windows\system32\igdde64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00199323 _____ 
C:\Windows\system32\Gfxres.ar-SA.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00196855 _____ C:\Windows\system32\Gfxres.ja-JP.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00194048 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00190937 _____ C:\Windows\system32\Gfxres.he-IL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00180736 _____ C:\Windows\SysWOW64\igdde32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00179235 _____ C:\Windows\system32\Gfxres.ko-KR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00179170 _____ C:\Windows\system32\Gfxres.it-IT.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176818 _____ C:\Windows\system32\Gfxres.es-ES.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176555 _____ C:\Windows\system32\Gfxres.fr-FR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176526 _____ C:\Windows\system32\Gfxres.de-DE.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00175165 _____ C:\Windows\system32\Gfxres.ro-RO.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00174165 _____ C:\Windows\system32\Gfxres.hu-HU.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173876 _____ C:\Windows\system32\Gfxres.tr-TR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173626 _____ C:\Windows\system32\Gfxres.pl-PL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173401 _____ C:\Windows\system32\Gfxres.nl-NL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00172630 _____ C:\Windows\system32\Gfxres.pt-BR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171980 _____ C:\Windows\system32\Gfxres.fi-FI.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171631 _____ C:\Windows\system32\Gfxres.sk-SK.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171464 _____ C:\Windows\system32\Gfxres.sv-SE.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171207 _____ C:\Windows\system32\Gfxres.pt-PT.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00170928 _____ C:\Windows\system32\Gfxres.cs-CZ.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 
00170073 _____ C:\Windows\system32\Gfxres.hr-HR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00166591 _____ C:\Windows\system32\Gfxres.sl-SI.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00165303 _____ C:\Windows\system32\Gfxres.nb-NO.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00164653 _____ C:\Windows\system32\Gfxres.da-DK.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00160256 _____ C:\Windows\system32\igdail64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00159945 _____ C:\Windows\system32\Gfxres.en-US.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00158720 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00153231 _____ C:\Windows\system32\Gfxres.zh-TW.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00153048 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00151479 _____ C:\Windows\system32\Gfxres.zh-CN.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00149504 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00142848 _____ C:\Windows\SysWOW64\igdail32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00133120 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00128000 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2013-09-30 17:16 - 2013-09-26 22:35 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2013-09-30 17:16 - 2013-09-26 10:08 - 00039320 _____ (Intel Corporation) C:\Windows\system32\Drivers\intelaud.sys 2013-09-30 17:16 - 
2013-09-26 10:08 - 00027032 _____ (Intel Corporation) C:\Windows\system32\Drivers\iwdbus.sys ==================== One Month Modified Files and Folders ======= 2013-10-29 18:16 - 2013-10-22 13:11 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-29 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru 2013-10-29 17:33 - 2013-10-22 13:12 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4019318604-2835077012-2547861510-1001 2013-10-29 17:27 - 2013-10-27 18:28 - 00230513 _____ C:\Windows\WindowsUpdate.log 2013-10-29 17:14 - 2013-10-22 13:11 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-29 17:14 - 2013-08-23 00:24 - 00726688 _____ C:\Windows\system32\perfh007.dat 2013-10-29 17:14 - 2013-08-23 00:24 - 00151380 _____ C:\Windows\system32\perfc007.dat 2013-10-29 17:09 - 2013-10-22 13:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-29 17:09 - 2013-10-22 13:07 - 00000000 __RDO C:\Users\H\SkyDrive 2013-10-29 17:08 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-29 10:35 - 2013-10-29 10:34 - 00000000 ___SD C:\32788R22FWJFW 2013-10-29 10:32 - 2013-10-29 10:32 - 00000000 ____D C:\Windows\erdnt 2013-10-29 10:31 - 2013-10-29 10:31 - 05137071 ____R (Swearware) C:\Users\H\Desktop\ComboFix.exe 2013-10-29 10:31 - 2013-10-28 15:17 - 00002451 _____ C:\Users\H\Desktop\Neues Textdokument (3).txt 2013-10-29 10:27 - 2013-10-29 10:27 - 00000000 ____D C:\Windows\ERUNT 2013-10-29 10:26 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2013-10-29 10:25 - 2013-10-29 10:23 - 00000000 ____D C:\AdwCleaner 2013-10-29 10:23 - 2013-10-29 10:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-29 10:17 - 2013-10-29 10:17 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2013-10-29 10:17 - 2013-10-29 10:17 - 00091352 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-29 10:16 - 2013-10-29 10:16 - 12576792 _____ (Malwarebytes Corp.) C:\Users\H\Downloads\mbar- 2013-10-29 10:16 - 2013-10-29 10:15 - 01033335 _____ (Thisisu) C:\Users\H\Downloads\JRT.exe 2013-10-29 10:15 - 2013-10-29 10:15 - 01060070 _____ C:\Users\H\Downloads\adwcleaner.exe 2013-10-29 10:11 - 2013-10-22 15:19 - 00000000 ____D C:\Users\H\AppData\Local\PokerStars.EU 2013-10-29 01:06 - 2013-10-22 16:39 - 00000000 ____D C:\Users\H\AppData\Roaming\KeePass 2013-10-28 19:39 - 2013-10-22 15:27 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4 2013-10-28 18:34 - 2013-10-22 14:52 - 00000000 ____D C:\Users\H\AppData\Local\JDownloader 2.0 2013-10-28 16:08 - 2013-10-28 16:08 - 00032733 _____ C:\Users\H\Downloads\Logfiles (1).zip 2013-10-28 15:57 - 2013-10-22 16:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Media Player Classic 2013-10-28 15:36 - 2013-10-28 15:36 - 00032733 _____ C:\Users\H\Downloads\Logfiles.zip 2013-10-28 15:31 - 2013-10-28 15:31 - 00000236 _____ C:\Users\H\Downloads\defogger_enable.log 2013-10-28 15:31 - 2013-10-22 13:05 - 00000000 ____D C:\Users\H 2013-10-28 15:30 - 2013-10-28 15:30 - 00050477 _____ C:\Users\H\Downloads\Defogger.exe 2013-10-28 15:30 - 2013-10-28 15:30 - 00000464 _____ C:\Users\H\Downloads\defogger_disable.log 2013-10-28 15:25 - 2013-10-28 15:25 - 00052979 _____ C:\Users\H\Downloads\Gmer.txt 2013-10-28 15:08 - 2013-10-28 15:07 - 00022242 _____ C:\Users\H\Downloads\Addition.txt 2013-10-28 15:07 - 2013-10-28 15:07 - 00000000 ____D C:\FRST 2013-10-28 15:06 - 2013-10-28 15:06 - 01956538 _____ (Farbar) C:\Users\H\Downloads\FRST64.exe 2013-10-28 15:05 - 2013-10-28 15:05 - 00377856 _____ C:\Users\H\Downloads\pwsjf110.exe 2013-10-27 18:25 - 2013-10-27 18:25 - 00002982 _____ C:\Windows\PFRO.log 2013-10-27 18:25 - 2013-10-22 15:31 - 00036352 ___SH C:\Users\H\Desktop\Thumbs.db 2013-10-27 18:22 - 2013-10-27 18:22 - 00000000 ____D C:\Users\H\Downloads\Rockchip_Batch_Tool_v1.7 2013-10-27 18:09 - 
2013-10-27 18:03 - 00000000 ____D C:\Users\H\Downloads\treiber 2013-10-27 18:06 - 2013-10-27 18:03 - 00000000 ____D C:\ProgramData\88e5f17f07f338ab 2013-10-27 18:04 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\WinterSoft 2013-10-27 18:04 - 2013-10-27 18:02 - 00000000 ____D C:\ProgramData\InstallMate 2013-10-27 17:44 - 2013-10-27 17:44 - 00000000 ____D C:\Users\H\Downloads\update_release03 2013-10-27 17:44 - 2013-10-27 17:26 - 283612513 _____ C:\Users\H\Downloads\update_release03.zip 2013-10-27 17:41 - 2013-10-27 16:09 - 283608132 _____ C:\Users\H\Downloads\beta_JB_04.zip 2013-10-27 16:56 - 2013-10-27 16:56 - 40344091 _____ C:\Users\H\Downloads\mk808_mod.wmv 2013-10-26 20:57 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\XBMC 2013-10-26 20:55 - 2013-10-26 20:55 - 00171522 _____ C:\Program Files (x86)\plugin.video.istream.ws (1).zip 2013-10-26 20:52 - 2013-10-26 20:52 - 00003998 _____ C:\Users\H\Desktop\XBMC.exe - Verknüpfung.lnk 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Program Files (x86)\XBMC 2013-10-26 20:44 - 2013-10-26 20:43 - 51965718 _____ C:\Users\H\Downloads\xbmc-12.2.exe 2013-10-26 00:03 - 2013-10-24 19:32 - 00000000 ____D C:\Users\H\Desktop\GesundheitsÖko 2013-10-25 16:19 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2013-10-24 12:03 - 2013-10-24 12:03 - 08354171 _____ C:\Users\H\Downloads\Frauentausch mit bvb fan uwe Video - Protofex - MyVideo.flv 2013-10-23 13:59 - 2013-10-22 15:33 - 00000000 ____D C:\Users\postgres 2013-10-23 13:59 - 2013-08-22 14:25 - 52953088 _____ C:\Windows\system32\config\SOFTWARE_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 11272192 _____ C:\Windows\system32\config\SYSTEM_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00524288 _____ C:\Windows\system32\config\DEFAULT_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00262144 _____ 
C:\Windows\system32\config\SECURITY_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00262144 _____ C:\Windows\system32\config\SAM_tureg_old 2013-10-23 13:51 - 2013-10-23 13:51 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler 2013-10-23 13:50 - 2013-10-23 13:29 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-10-23 13:48 - 2013-10-23 13:48 - 00000000 ____D C:\Users\H\AppData\Roaming\TuneUp Software 2013-10-23 13:48 - 2013-10-23 13:47 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-10-23 13:21 - 2013-10-22 13:15 - 00000000 ____D C:\Program Files (x86)\Intel 2013-10-23 13:20 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-10-23 12:01 - 2013-10-29 10:54 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2013-10-23 09:59 - 2013-10-29 10:54 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2013-10-23 09:59 - 2013-10-22 13:06 - 00000000 ____D C:\Users\H\AppData\Local\Packages 2013-10-23 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2013-10-22 23:50 - 2013-10-22 15:32 - 00000138 _____ C:\Users\H\Desktop\Amazon Gutscheine.txt 2013-10-22 23:18 - 2013-10-22 23:18 - 00015435 _____ C:\Users\H\Downloads\psid_2007_comp_meth.zip 2013-10-22 23:12 - 2013-10-22 23:12 - 00027978 _____ C:\Users\H\Downloads\GLUCKSY.zip 2013-10-22 17:40 - 2013-10-22 14:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-10-22 17:38 - 2013-10-22 15:21 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu 2013-10-22 17:20 - 2013-10-22 17:20 - 00000890 _____ C:\Users\H\Desktop\Downloads - Verknüpfung.lnk 2013-10-22 17:19 - 2013-10-22 14:22 - 00000000 ____D C:\Users\H\AppData\Roaming\Winamp 2013-10-22 16:42 - 2013-10-22 16:42 - 00001058 _____ C:\Users\H\Desktop\StarsHelper.lnk 2013-10-22 16:42 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\StarsHelper 2013-10-22 16:38 - 2013-10-22 13:06 - 00000000 ____D 
C:\Users\H\AppData\Local\VirtualStore 2013-10-22 16:37 - 2013-10-22 16:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Browny02 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Brother 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Brother 2013-10-22 16:31 - 2013-10-22 16:30 - 00000000 ____D C:\ProgramData\Brother 2013-10-22 16:30 - 2013-10-22 16:30 - 00000000 ____D C:\Users\H\AppData\Roaming\InstallShield 2013-10-22 16:30 - 2013-10-22 13:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-22 16:22 - 2013-10-22 16:22 - 00000000 ____D C:\ProgramData\Canneverbe Limited 2013-10-22 16:22 - 2013-10-22 15:19 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU 2013-10-22 16:21 - 2013-10-22 16:21 - 00000000 ____D C:\Users\H\AppData\Roaming\OpenOffice 2013-10-22 16:19 - 2013-10-22 16:19 - 00000000 ____D C:\Program Files\7-Zip 2013-10-22 16:15 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\Documents\Calibre-Bibliothek 2013-10-22 16:15 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Roaming\calibre 2013-10-22 16:14 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Local\calibre-cache 2013-10-22 15:57 - 2013-10-22 15:57 - 00000000 ____D C:\Users\H\AppData\Local\StarsHelper 2013-10-22 15:55 - 2013-10-22 15:55 - 00000956 _____ C:\Users\H\Desktop\Audio Converter.lnk 2013-10-22 15:55 - 2013-10-22 15:55 - 00000000 ____D C:\Program Files (x86)\Tools 2013-10-22 15:55 - 2013-10-22 15:53 - 30100565 _____ C:\Program Files (x86)\AudioConverterTools.ZIP 2013-10-22 15:49 - 2013-10-22 15:28 - 00000000 ____D C:\Users\H\AppData\Local\PokerTracker 4 2013-10-22 15:49 - 2013-10-22 15:22 - 00000000 ____D C:\Users\H\AppData\Local\FullTiltPoker.eu 2013-10-22 15:33 - 2013-10-22 15:33 - 00000020 ___SH C:\Users\postgres\ntuser.ini 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Vorlagen 
2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Startmenü 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Netzwerkumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Lokale Einstellungen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Eigene Dateien 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Druckumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Bilder 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Verlauf 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Uni 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Txt 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\PostgreSQL 2013-10-22 15:28 - 2013-10-22 15:28 - 00005002 _____ C:\ProgramData\flwjycbm.bab 2013-10-22 15:28 - 2013-10-22 15:28 - 00001090 _____ C:\Users\H\Desktop\PokerTracker 4.lnk 2013-10-22 15:28 - 2013-10-22 15:28 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2013-10-22 15:23 - 2013-10-22 15:23 - 00000814 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk 2013-10-22 15:23 - 2013-10-22 15:23 - 00000784 _____ C:\Users\H\Desktop\William Hill Poker.lnk 2013-10-22 15:23 - 2013-10-22 15:18 - 00000000 ____D C:\Poker 2013-10-22 15:22 - 2013-10-22 15:22 - 00000000 ____D 
C:\Users\H\AppData\Local\cache 2013-10-22 15:21 - 2013-10-22 15:21 - 00001094 _____ C:\Users\Public\Desktop\Full Tilt Poker.Eu.lnk 2013-10-22 15:21 - 2013-10-22 15:18 - 00000772 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winner Poker.lnk 2013-10-22 15:21 - 2013-10-22 15:18 - 00000742 _____ C:\Users\H\Desktop\Winner Poker.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000751 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000721 _____ C:\Users\H\Desktop\Poker 770.lnk 2013-10-22 15:19 - 2013-10-22 15:19 - 00001100 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00001713 _____ C:\Users\H\Desktop\partypoker.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\Party 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\cef-cache 2013-10-22 15:17 - 2013-10-22 15:17 - 00000000 ____D C:\Program Files (x86)\Partypoker 2013-10-22 14:53 - 2013-10-22 14:53 - 00000000 ____D C:\Program Files\ffdshow 2013-10-22 14:52 - 2013-10-22 14:52 - 00002099 _____ C:\Users\H\Desktop\JDownloader 2.lnk 2013-10-22 14:52 - 2013-10-22 14:52 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2013-10-22 14:46 - 2013-10-22 14:46 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2013-10-22 14:46 - 2013-10-22 14:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-10-22 14:45 - 2013-10-22 14:45 - 00000000 ____D C:\Users\H\Documents\ProcAlyzer Dumps 2013-10-22 14:43 - 2013-10-22 14:43 - 00005900 _____ C:\Users\H\Desktop\install.txt 2013-10-22 14:42 - 2013-10-22 13:59 - 00000000 ____D C:\Windows\Panther 2013-10-22 14:39 - 2013-10-22 14:38 - 00000000 ___RD C:\Windows\BrowserChoice 2013-10-22 14:39 - 2013-10-22 14:24 - 00000000 ____D C:\Users\H\AppData\Roaming\Skype 2013-10-22 14:39 - 2013-10-22 14:19 - 00000000 ____D C:\Program 
Files\Microsoft Silverlight 2013-10-22 14:39 - 2013-10-22 14:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-22 14:39 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Dropbox 2013-10-22 14:39 - 2013-10-22 14:10 - 00000000 ____D C:\Program Files\Avast 2013-10-22 14:39 - 2013-10-22 13:06 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-22 14:39 - 2013-10-22 13:06 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-22 14:39 - 2013-08-22 15:44 - 00360936 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-22 14:38 - 2013-10-22 14:38 - 00000000 ____D C:\Program Files\Intel 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\FileManager 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Camera 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism 2013-10-22 14:31 - 2013-10-22 14:31 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2013-10-22 14:31 - 2013-10-22 14:31 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2013-10-22 14:30 - 2013-10-22 14:30 - 00000000 ____D C:\Program Files (x86)\Biet-O-Matic 2013-10-22 14:26 - 2013-10-22 14:26 - 00000000 ____D C:\Program Files\Tracker Software 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 
00000000 ____D C:\ProgramData\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-10-22 14:23 - 2013-10-22 14:23 - 00000000 ____D C:\Program Files (x86)\Veetle 2013-10-22 14:22 - 2013-10-22 14:22 - 00000995 _____ C:\Users\Public\Desktop\Winamp.lnk 2013-10-22 14:22 - 2013-10-22 14:22 - 00000000 ____D C:\Program Files (x86)\Winamp 2013-10-22 14:21 - 2013-10-22 14:21 - 00002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-10-22 14:21 - 2013-10-22 14:21 - 00000000 ____D C:\Program Files\CCleaner 2013-10-22 14:19 - 2013-10-22 14:19 - 00000000 ____D C:\Users\H\AppData\Roaming\Malwarebytes 2013-10-22 14:18 - 2013-10-22 14:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-22 14:18 - 2013-10-22 14:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-22 14:17 - 2013-10-22 14:17 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2013-10-22 14:16 - 2013-10-22 14:16 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-22 14:16 - 2013-10-22 14:16 - 00000000 ____D C:\ProgramData\Sun 2013-10-22 14:16 - 2013-10-22 14:16 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-22 14:16 - 2013-10-22 14:15 - 00000000 ____D C:\ProgramData\Oracle 2013-10-22 14:15 - 2013-10-22 14:15 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00108968 _____ (Oracle Corporation) 
C:\Windows\system32\WindowsAccessBridge-64.dll 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files\Java 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files\Image Resizer for Windows 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files (x86)\Image Resizer for Windows 2013-10-22 14:15 - 2013-10-22 13:28 - 00000000 ____D C:\ProgramData\Package Cache 2013-10-22 14:14 - 2013-10-22 14:14 - 00001714 _____ C:\Users\H\Desktop\MPC-HC x64.lnk 2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Program Files\MPC-HC 2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Program Files (x86)\Haali 2013-10-22 14:13 - 2013-10-22 14:13 - 00002232 _____ C:\Users\Public\Desktop\Google Earth.lnk 2013-10-22 14:13 - 2013-10-22 13:11 - 00000000 ____D C:\Users\H\AppData\Local\Google 2013-10-22 14:13 - 2013-10-22 13:11 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-22 14:11 - 2013-10-22 14:11 - 00001965 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Canneverbe Limited 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2013-10-22 14:10 - 2013-10-22 14:10 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-10-22 14:10 - 2013-10-22 14:10 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-10-22 14:10 - 
2013-10-22 14:10 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-10-22 14:10 - 2013-10-22 14:10 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00000000 ____D C:\Users\H\AppData\Roaming\AVAST Software 2013-10-22 14:10 - 2013-10-22 14:10 - 00000000 ____D C:\Program Files\Calibre2 2013-10-22 14:09 - 2013-10-22 14:09 - 00000000 ____D C:\ProgramData\AVAST Software 2013-10-22 14:06 - 2013-10-22 14:06 - 00000394 _____ C:\InstallHelper.log 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\ProgramData\eBay 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\Program Files (x86)\eBay 2013-10-22 14:05 - 2013-10-22 15:33 - 00000000 ____D C:\Users\postgres\AppData\Roaming\Macromedia 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\H\AppData\Local\Adobe 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\ProgramData\Adobe 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-10-22 14:05 - 2013-10-22 13:06 - 00000000 ____D C:\Users\H\AppData\Roaming\Adobe 2013-10-22 13:59 - 2013-08-22 16:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Roaming\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Local\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\ProgramData\ATI 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-10-22 
13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Program Files\Realtek 2013-10-22 13:34 - 2013-10-22 13:16 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-10-22 13:28 - 2013-10-22 13:28 - 00061389 _____ C:\Windows\SysWOW64\CCCInstall_201310221428519465.log 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\ProgramData\AMD 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\ATI 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 _____ C:\Windows\ativpsrm.bin 2013-10-22 13:28 - 2013-10-22 13:27 - 00000000 ____D C:\Program Files\ATI Technologies 2013-10-22 13:18 - 2013-10-22 13:18 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA 2013-10-22 13:11 - 2013-10-22 13:11 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-22 13:11 - 2013-10-22 13:11 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-22 13:11 - 2013-10-22 13:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Macromedia 2013-10-22 13:07 - 2013-10-22 13:07 - 00000000 ____D C:\Users\H\AppData\Local\PackageStaging 2013-10-22 13:06 - 2013-10-22 13:06 - 00001454 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-22 13:06 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore 2013-10-22 13:05 - 2013-10-22 13:05 - 00000020 ___SH C:\Users\H\ntuser.ini 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Vorlagen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Startmenü 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Netzwerkumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Lokale Einstellungen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL 
C:\Users\H\Eigene Dateien 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Druckumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Musik 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Bilder 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Verlauf 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Anwendungsdaten 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Anwendungsdaten 2013-10-22 13:04 - 2013-10-22 13:04 - 00000000 ____D C:\Windows\CSC 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL 
C:\Users\Default\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-10-22 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Recovery 2013-10-22 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT 2013-10-22 13:00 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default 2013-10-22 12:59 - 2013-10-22 12:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-10-22 11:47 - 2013-10-22 15:31 - 00006094 _____ C:\Program Files (x86)\Keepass.kdbx 2013-10-21 21:31 - 2013-10-22 15:31 - 00000147 _____ C:\Users\H\Desktop\Neues Textdokument.txt 2013-10-18 17:43 - 2013-10-22 15:31 - 00014741 _____ C:\Users\H\Desktop\Bankgebühren.odt 2013-10-16 12:39 - 2013-10-22 15:31 - 00000112 _____ C:\Users\H\Desktop\Neues Textdokument (2).txt 2013-10-03 22:43 - 2013-10-03 22:43 - 04067328 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 
04010144 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa 2013-10-03 22:43 - 2013-10-03 22:43 - 02474832 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 01423520 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01123328 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00844760 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00750752 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00632480 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00598688 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00391128 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00344736 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00241664 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00214528 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00209056 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00193536 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 
00180224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3316.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00179712 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00176288 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00121504 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00094368 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00066560 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00044025 _____ C:\Windows\system32\iglhxo64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043494 _____ C:\Windows\system32\iglhxc64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043256 _____ C:\Windows\system32\iglhxg64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00002940 _____ C:\Windows\system32\iglhxs64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00001125 _____ C:\Windows\system32\iglhxa64.vp 2013-10-03 22:43 - 2013-09-26 21:59 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2013-10-03 22:43 - 2013-09-26 21:59 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 25986048 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 20946944 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 
- 13871616 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 13272576 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 12130304 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 11417600 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 07784448 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 07587800 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 06155264 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 04434432 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 04185600 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2013-10-03 22:42 - 2013-10-03 22:42 - 03524608 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 03292672 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02974208 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02384896 _____ C:\Windows\system32\GfxRes.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02064896 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 01814016 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00771032 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00769496 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00754648 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe 2013-10-03 22:42 
- 2013-10-03 22:42 - 00623616 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00530392 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 
2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00517120 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00513024 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00492032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00412160 _____ C:\Windows\system32\igdmd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00396248 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00393688 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00343040 _____ C:\Windows\SysWOW64\igdmd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2013-10-03 22:42 - 
2013-10-03 22:42 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2013-10-03 22:42 - 2013-10-03 22:42 - 00265030 _____ C:\Windows\system32\Gfxres.th-TH.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00251250 _____ C:\Windows\system32\Gfxres.el-GR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00233293 _____ C:\Windows\system32\Gfxres.ru-RU.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00223744 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00220672 _____ C:\Windows\system32\igdde64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00199323 _____ C:\Windows\system32\Gfxres.ar-SA.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00196855 _____ C:\Windows\system32\Gfxres.ja-JP.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00194048 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00190937 _____ C:\Windows\system32\Gfxres.he-IL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00180736 _____ C:\Windows\SysWOW64\igdde32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00179235 _____ C:\Windows\system32\Gfxres.ko-KR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00179170 _____ C:\Windows\system32\Gfxres.it-IT.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176818 _____ C:\Windows\system32\Gfxres.es-ES.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176555 _____ C:\Windows\system32\Gfxres.fr-FR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176526 _____ C:\Windows\system32\Gfxres.de-DE.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00175165 _____ C:\Windows\system32\Gfxres.ro-RO.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00174165 _____ C:\Windows\system32\Gfxres.hu-HU.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173876 _____ 
C:\Windows\system32\Gfxres.tr-TR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173626 _____ C:\Windows\system32\Gfxres.pl-PL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173401 _____ C:\Windows\system32\Gfxres.nl-NL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00172630 _____ C:\Windows\system32\Gfxres.pt-BR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171980 _____ C:\Windows\system32\Gfxres.fi-FI.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171631 _____ C:\Windows\system32\Gfxres.sk-SK.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171464 _____ C:\Windows\system32\Gfxres.sv-SE.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171207 _____ C:\Windows\system32\Gfxres.pt-PT.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00170928 _____ C:\Windows\system32\Gfxres.cs-CZ.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00170073 _____ C:\Windows\system32\Gfxres.hr-HR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00166591 _____ C:\Windows\system32\Gfxres.sl-SI.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00165303 _____ C:\Windows\system32\Gfxres.nb-NO.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00164653 _____ C:\Windows\system32\Gfxres.da-DK.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00160256 _____ C:\Windows\system32\igdail64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00159945 _____ C:\Windows\system32\Gfxres.en-US.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00158720 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00153231 _____ C:\Windows\system32\Gfxres.zh-TW.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00153048 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00151479 _____ C:\Windows\system32\Gfxres.zh-CN.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00149504 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00142848 _____ C:\Windows\SysWOW64\igdail32.dll 2013-10-03 22:42 - 
2013-10-03 22:42 - 00133120 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00128000 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2013-10-03 15:07 - 2013-10-22 13:41 - 01537880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-03 15:07 - 2013-10-22 13:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2013-10-03 15:05 - 2013-10-22 13:41 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2013-10-03 15:05 - 2013-10-22 13:41 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2013-10-03 13:53 - 2013-10-22 13:41 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-10-03 13:53 - 2013-10-22 13:41 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-10-03 10:29 - 2013-10-22 13:41 - 02144768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2013-10-03 10:16 - 2013-10-22 13:41 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll 2013-10-03 10:07 - 2013-10-22 13:41 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2013-10-03 10:02 - 2013-10-22 13:41 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll 2013-10-02 12:00 - 2013-10-22 13:41 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2013-10-02 10:47 - 2013-10-22 13:41 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2013-10-02 02:04 - 2013-08-22 16:38 - 00693240 _____ (Adobe 
Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-02 02:04 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-01 04:42 - 2013-10-22 13:41 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2013-10-01 04:36 - 2013-10-22 13:41 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2013-09-29 10:22 - 2013-10-22 13:43 - 01641496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2013-09-29 10:22 - 2013-10-22 13:43 - 01506168 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2013-09-29 10:22 - 2013-10-22 13:43 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2013-09-29 10:22 - 2013-10-22 13:43 - 01344984 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2013-09-29 05:08 - 2013-10-22 13:04 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-09-29 05:00 - 2013-10-22 13:04 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2013-09-29 04:50 - 2013-10-22 13:04 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-09-29 04:44 - 2013-10-22 13:04 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2013-09-29 04:37 - 2013-10-22 13:04 - 00837120 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2013-09-29 04:28 - 2013-10-22 13:04 - 00698880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll Some content of TEMP: ==================== C:\Users\H\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe [2013-08-22 10:55] - [2013-08-22 10:55] - 0564736 ____A (Microsoft Corporation) 7C94FDA3809015B8F2208D2E1C221F17 C:\Windows\System32\wininit.exe [2013-08-22 10:58] - [2013-08-22 10:58] - 0144384 ____A 
(Microsoft Corporation) 48CFA7BE561A7BE144C29BB912055016 C:\Windows\explorer.exe [2013-10-22 13:44] - [2013-09-21 11:54] - 2328328 ____A (Microsoft Corporation) C1400519D76A364E974E47BBA62B95B0 C:\Windows\SysWOW64\explorer.exe [2013-10-22 13:44] - [2013-09-21 10:37] - 2065960 ____A (Microsoft Corporation) 712B0D2ADE5297563168C997DDC2DD13 C:\Windows\System32\svchost.exe [2013-08-22 10:54] - [2013-08-22 13:45] - 0037768 ____A (Microsoft Corporation) E4CA434F251681590D0538BC21C32D2F C:\Windows\SysWOW64\svchost.exe [2013-08-22 03:48] - [2013-08-22 06:30] - 0031552 ____A (Microsoft Corporation) 425E22D9F5C01616AFC92987791B19E9 C:\Windows\System32\services.exe [2013-08-22 14:25] - [2013-08-22 14:25] - 0405488 ____A (Microsoft Corporation) B4B610BBCB002EC478C6FD80CF915697 C:\Windows\System32\User32.dll [2013-08-22 10:56] - [2013-08-22 13:39] - 1517984 ____A (Microsoft Corporation) 1A811BAFA2114C2FC878507F9F86566C C:\Windows\SysWOW64\User32.dll [2013-08-22 03:51] - [2013-08-22 03:51] - 1363456 ____A (Microsoft Corporation) 170A3370144196F72A04038B652732EF C:\Windows\System32\userinit.exe [2013-08-22 11:03] - [2013-08-22 11:03] - 0025088 ____A (Microsoft Corporation) 08C191B2917862BE90C33E31CB6B6D79 C:\Windows\SysWOW64\userinit.exe [2013-08-22 03:54] - [2013-08-22 03:54] - 0021504 ____A (Microsoft Corporation) 41636F77AD6D9A396EA34E4786B96F2B C:\Windows\System32\Drivers\volsnap.sys [2013-08-22 12:40] - [2013-08-22 13:39] - 0312160 ____A (Microsoft Corporation) 9F9CE33B50611A1C61A46B8911E0B30B LastRegBack: 2013-10-22 12:59 ==================== End Of Log ============================ |
![]() | #10 |
/// the machine /// TB instructor |
ESET Online Scanner
Please download
and a fresh FRST log, please. Any problems left?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate / Guides and help / Trojaner-Board Facebook page
No help via PM! |
![]() | #11 |
Code:

    Results of screen317's Security Check version 0.99.74
    x64 (UAC is enabled)
    Internet Explorer 10
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Defender
    avast! Antivirus
    Antivirus out of date!
    `````````Anti-malware/Other Utilities Check:`````````
    Spybot - Search & Destroy
    Malwarebytes Anti-Malware Version
    Java 7 Update 45
    Java version out of Date!
    Google Chrome 30.0.1599.101
    ````````Process Check: objlist.exe by Laurent````````
    Spybot Teatimer.exe is disabled!
    ESET ESET Online Scanner OnlineScannerApp.exe
    ESET ESET Online Scanner OnlineCmdLineScanner.exe
    Avast AvastSvc.exe
    Avast avastui.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````

Code:

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=
    # OnlineScanner.ocx=
    # api_version=3.0.2
    # EOSSerial=17d1ffd61969c949a1fbf14d00e65333
    # engine=15694
    # end=stopped
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=false
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2013-10-30 03:14:09
    # local_time=2013-10-30 04:14:09 (+0100, Mitteleuropäische Zeit)
    # country="Germany"
    # lang=1033
    # osver=6.2.9200 NT
    # compatibility_mode=5893 16776574 100 94 696926 5979751 0 0
    # scanned=135671
    # found=0
    # cleaned=0
    # scan_time=947

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013 Ran by H (administrator) on MASTER on 30-10-2013 16:37:04 Running from C:\Users\H\Downloads Windows 8.1 Pro (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (AVAST Software) C:\Program Files\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (AVAST Software) C:\Program Files\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe" Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20473504 2013-10-02] (Skype Technologies S.A.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-26] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Avast\avastui.exe [3567800 2013-10-22] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) 
Startup: C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\H\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D5B2BCB1FCFCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5 SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] Chrome: ======= CHR Extension: (Google Docs) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (Turn Off the Lights) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\ CHR Extension: (YouTube) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\ CHR Extension: (Yet another flags) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk\ CHR Extension: (Video Downloader professional) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.37_0 CHR Extension: (AdBlock) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0 CHR Extension: (avast! 
Online Security) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0 CHR Extension: (BugMeNot Lite) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\0.3.10_0 CHR Extension: (YouTube To MP3) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjjhpfeabmdlgllokffpjgbijpkpfdp\1.1_0 CHR Extension: (Premiumize.me) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm\0.0.16_0 CHR Extension: (Google Dictionary (by Google)) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0 CHR Extension: (Google Mail Checker) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0 CHR Extension: (Gmail) - C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Services (Whitelisted) ================= S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [533504 2013-09-14] (Microsoft Corporation) S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1302016 2013-09-24] (Microsoft Corporation) R2 avast! 
Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2013-10-22] (AVAST Software) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2013-08-31] (Microsoft Corporation) S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [90464 2013-08-23] (Microsoft Corporation) R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation) S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation) S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1581568 2013-09-19] (Microsoft Corporation) R2 postgresql-x64-9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [x] ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [76800 2013-08-22] (Microsoft Corporation) S0 amdkmafd; 
C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-22] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-22] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-22] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-22] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-19] (Microsoft Corporation) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-23] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys 
[26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== NETSVC: lfsvc -> C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation) NETSVC: MsKeyboardFilter -> C:\Windows\System32\KeyboardFilterSvc.dll (Microsoft Corporation) ==================== One Month Created Files and Folders ======== 2013-10-30 16:36 - 2013-10-30 16:36 - 01956614 _____ (Farbar) C:\Users\H\Downloads\FRST64.exe 2013-10-30 15:56 - 2013-10-30 15:56 - 00000000 ____D C:\Program Files (x86)\ESET 2013-10-30 15:55 - 2013-10-30 15:55 - 02347384 _____ (ESET) C:\Users\H\Downloads\esetsmartinstaller_enu.exe 2013-10-29 10:54 - 2013-10-23 12:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2013-10-29 10:54 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2013-10-29 10:34 - 2013-10-29 10:35 - 00000000 ___SD C:\32788R22FWJFW 2013-10-29 10:32 - 2013-10-29 10:32 - 00000000 ____D C:\Windows\erdnt 2013-10-29 10:31 - 2013-10-29 10:31 - 05137071 ____R (Swearware) C:\Users\H\Desktop\ComboFix.exe 2013-10-29 10:27 - 2013-10-29 10:27 - 00000000 ____D C:\Windows\ERUNT 2013-10-29 10:23 - 2013-10-29 10:25 - 00000000 ____D C:\AdwCleaner 2013-10-29 10:17 - 2013-10-29 10:23 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-29 10:17 - 2013-10-29 10:17 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2013-10-29 10:17 - 2013-10-29 10:17 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-29 10:16 - 2013-10-29 10:16 - 12576792 _____ (Malwarebytes Corp.) 
C:\Users\H\Downloads\mbar- 2013-10-29 10:15 - 2013-10-29 10:16 - 01033335 _____ (Thisisu) C:\Users\H\Downloads\JRT.exe 2013-10-29 10:15 - 2013-10-29 10:15 - 01060070 _____ C:\Users\H\Downloads\adwcleaner.exe 2013-10-28 16:08 - 2013-10-28 16:08 - 00032733 _____ C:\Users\H\Downloads\Logfiles (1).zip 2013-10-28 15:36 - 2013-10-28 15:36 - 00032733 _____ C:\Users\H\Downloads\Logfiles.zip 2013-10-28 15:31 - 2013-10-28 15:31 - 00000236 _____ C:\Users\H\Downloads\defogger_enable.log 2013-10-28 15:30 - 2013-10-28 15:30 - 00050477 _____ C:\Users\H\Downloads\Defogger.exe 2013-10-28 15:30 - 2013-10-28 15:30 - 00000464 _____ C:\Users\H\Downloads\defogger_disable.log 2013-10-28 15:25 - 2013-10-28 15:25 - 00052979 _____ C:\Users\H\Downloads\Gmer.txt 2013-10-28 15:17 - 2013-10-29 18:35 - 00002451 _____ C:\Users\H\Desktop\Neues Textdokument (3).txt 2013-10-28 15:07 - 2013-10-28 15:08 - 00022242 _____ C:\Users\H\Downloads\Addition.txt 2013-10-28 15:07 - 2013-10-28 15:07 - 00000000 ____D C:\FRST 2013-10-28 15:05 - 2013-10-28 15:05 - 00377856 _____ C:\Users\H\Downloads\pwsjf110.exe 2013-10-27 18:28 - 2013-10-30 16:05 - 00281220 _____ C:\Windows\WindowsUpdate.log 2013-10-27 18:25 - 2013-10-27 18:25 - 00002982 _____ C:\Windows\PFRO.log 2013-10-27 18:22 - 2013-10-27 18:22 - 00000000 ____D C:\Users\H\Downloads\Rockchip_Batch_Tool_v1.7 2013-10-27 18:04 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\WinterSoft 2013-10-27 18:03 - 2013-10-27 18:09 - 00000000 ____D C:\Users\H\Downloads\treiber 2013-10-27 18:03 - 2013-10-27 18:06 - 00000000 ____D C:\ProgramData\88e5f17f07f338ab 2013-10-27 18:02 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\InstallMate 2013-10-27 17:44 - 2013-10-27 17:44 - 00000000 ____D C:\Users\H\Downloads\update_release03 2013-10-27 17:26 - 2013-10-27 17:44 - 283612513 _____ C:\Users\H\Downloads\update_release03.zip 2013-10-27 16:56 - 2013-10-27 16:56 - 40344091 _____ C:\Users\H\Downloads\mk808_mod.wmv 2013-10-27 16:09 - 2013-10-27 17:41 - 283608132 _____ 
C:\Users\H\Downloads\beta_JB_04.zip 2013-10-26 20:55 - 2013-10-26 20:55 - 00171522 _____ C:\Program Files (x86)\plugin.video.istream.ws (1).zip 2013-10-26 20:52 - 2013-10-26 20:52 - 00003998 _____ C:\Users\H\Desktop\XBMC.exe - Verknüpfung.lnk 2013-10-26 20:46 - 2013-10-26 20:57 - 00000000 ____D C:\Users\H\AppData\Roaming\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Program Files (x86)\XBMC 2013-10-26 20:46 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2013-10-26 20:46 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2013-10-26 20:43 - 2013-10-26 20:44 - 51965718 _____ C:\Users\H\Downloads\xbmc-12.2.exe 2013-10-24 19:32 - 2013-10-26 00:03 - 00000000 ____D C:\Users\H\Desktop\GesundheitsÖko 2013-10-24 12:03 - 2013-10-24 12:03 - 08354171 _____ C:\Users\H\Downloads\Frauentausch mit bvb fan uwe Video - Protofex - MyVideo.flv 2013-10-23 13:51 - 2013-10-23 13:51 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler 2013-10-23 13:48 - 2013-10-23 13:48 - 00000000 ____D C:\Users\H\AppData\Roaming\TuneUp Software 2013-10-23 13:47 - 2013-10-23 13:48 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-10-23 13:29 - 2013-10-23 13:50 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-10-22 23:18 - 2013-10-22 23:18 - 00015435 _____ C:\Users\H\Downloads\psid_2007_comp_meth.zip 2013-10-22 23:12 - 2013-10-22 23:12 - 00027978 _____ C:\Users\H\Downloads\GLUCKSY.zip 2013-10-22 17:20 - 2013-10-22 17:20 - 00000890 _____ C:\Users\H\Desktop\Downloads - Verknüpfung.lnk 2013-10-22 16:42 - 2013-10-22 16:42 - 00001058 _____ C:\Users\H\Desktop\StarsHelper.lnk 2013-10-22 16:39 - 2013-10-29 22:53 - 00000000 ____D C:\Users\H\AppData\Roaming\KeePass 2013-10-22 16:37 - 2013-10-22 16:37 - 00000000 ____H 
C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Browny02 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Brother 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Brother 2013-10-22 16:31 - 2012-06-05 07:59 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL 2013-10-22 16:31 - 2010-05-10 09:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE 2013-10-22 16:31 - 2010-02-05 03:42 - 00180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL 2013-10-22 16:31 - 2005-01-17 08:10 - 00045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL 2013-10-22 16:31 - 2004-08-09 08:00 - 00000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI 2013-10-22 16:31 - 2004-08-09 07:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL 2013-10-22 16:31 - 1999-10-26 17:00 - 00000050 _____ C:\Windows\system32\BRADM10A.DAT 2013-10-22 16:30 - 2013-10-22 16:31 - 00000000 ____D C:\ProgramData\Brother 2013-10-22 16:30 - 2013-10-22 16:30 - 00000000 ____D C:\Users\H\AppData\Roaming\InstallShield 2013-10-22 16:22 - 2013-10-22 16:22 - 00000000 ____D C:\ProgramData\Canneverbe Limited 2013-10-22 16:21 - 2013-10-22 16:21 - 00000000 ____D C:\Users\H\AppData\Roaming\OpenOffice 2013-10-22 16:19 - 2013-10-22 16:19 - 00000000 ____D C:\Program Files\7-Zip 2013-10-22 16:14 - 2013-10-22 16:15 - 00000000 ____D C:\Users\H\Documents\Calibre-Bibliothek 2013-10-22 16:14 - 2013-10-22 16:15 - 00000000 ____D C:\Users\H\AppData\Roaming\calibre 2013-10-22 16:14 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Local\calibre-cache 2013-10-22 16:11 - 2013-10-28 15:57 - 00000000 ____D C:\Users\H\AppData\Roaming\Media Player Classic 2013-10-22 15:57 - 2013-10-22 15:57 - 00000000 ____D C:\Users\H\AppData\Local\StarsHelper 2013-10-22 15:55 - 2013-10-22 15:55 - 00000956 _____ C:\Users\H\Desktop\Audio Converter.lnk 2013-10-22 15:55 - 
C:\Windows\system32\Drivers\BtaMPM.sys 2013-10-22 13:44 - 2013-08-27 07:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2013-10-22 13:44 - 2013-08-27 06:42 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-10-22 13:44 - 2013-08-27 06:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2013-10-22 13:44 - 2013-08-27 06:10 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-10-22 13:43 - 2013-09-29 10:22 - 01641496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2013-10-22 13:43 - 2013-09-29 10:22 - 01506168 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2013-10-22 13:43 - 2013-09-29 10:22 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2013-10-22 13:43 - 2013-09-29 10:22 - 01344984 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2013-10-22 13:41 - 2013-10-03 15:07 - 01537880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-22 13:41 - 2013-10-03 15:07 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2013-10-22 13:41 - 2013-10-03 15:05 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2013-10-22 13:41 - 2013-10-03 15:05 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2013-10-22 13:41 - 2013-10-03 13:53 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-10-22 13:41 - 2013-10-03 13:53 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-10-22 13:41 - 2013-10-03 10:29 - 02144768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2013-10-22 13:41 - 2013-10-03 10:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll 2013-10-22 13:41 - 2013-10-03 10:07 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2013-10-22 13:41 - 2013-10-03 10:02 - 00225792 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\Windows.Devices.Sensors.dll 2013-10-22 13:41 - 2013-10-02 12:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2013-10-22 13:41 - 2013-10-02 10:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2013-10-22 13:41 - 2013-10-01 04:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2013-10-22 13:41 - 2013-10-01 04:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2013-10-22 13:41 - 2013-05-02 16:29 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Roaming\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Local\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\ProgramData\ATI 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Program Files\Realtek 2013-10-22 13:34 - 2012-08-07 17:51 - 04102928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2013-10-22 13:34 - 2012-08-07 14:11 - 00329737 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2013-10-22 13:34 - 2012-08-06 14:44 - 01561744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2013-10-22 13:34 - 2012-08-06 10:49 - 02743440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2013-10-22 13:34 - 2012-08-03 17:18 - 01706640 ____N (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2013-10-22 13:34 - 2012-08-01 17:29 - 00109200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2013-10-22 13:34 - 2012-07-23 21:02 - 00626304 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll 2013-10-22 13:34 - 2012-07-23 21:02 - 00561792 _____ (Creative Technology Ltd.) 
C:\Windows\SysWOW64\MBTHX32.dll 2013-10-22 13:34 - 2012-07-20 13:41 - 00880784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2013-10-22 13:34 - 2012-07-19 15:52 - 02028920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2013-10-22 13:34 - 2012-07-19 15:51 - 02080120 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2013-10-22 13:34 - 2012-07-19 15:51 - 00834936 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2013-10-22 13:34 - 2012-07-16 13:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-10-22 13:34 - 2012-07-02 14:39 - 01264272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2013-10-22 13:34 - 2012-06-20 16:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-10-22 13:34 - 2012-06-08 15:23 - 00083072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll 2013-10-22 13:34 - 2012-06-08 15:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll 2013-10-22 13:34 - 2012-06-08 15:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll 2013-10-22 13:34 - 2012-04-10 13:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2013-10-22 13:34 - 2012-03-08 10:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2013-10-22 13:34 - 2012-03-08 10:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2013-10-22 13:34 - 2011-12-20 14:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2013-10-22 13:34 - 2011-11-22 15:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RP3DHT64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2013-10-22 13:34 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2013-10-22 13:34 - 2010-11-03 17:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2013-10-22 13:34 - 2010-10-15 18:20 - 02261764 _____ C:\Windows\system32\Drivers\rtvienna.dat 2013-10-22 13:34 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2013-10-22 13:34 - 2009-11-24 08:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2013-10-22 13:34 - 2009-11-18 06:12 - 00032344 _____ (Creative Technology Ltd.) 
C:\Windows\system32\Drivers\MBfilt64.sys 2013-10-22 13:28 - 2013-10-22 14:15 - 00000000 ____D C:\ProgramData\Package Cache 2013-10-22 13:28 - 2013-10-22 13:28 - 00061389 _____ C:\Windows\SysWOW64\CCCInstall_201310221428519465.log 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\ProgramData\AMD 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\ATI 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 _____ C:\Windows\ativpsrm.bin 2013-10-22 13:27 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\ATI Technologies 2013-10-22 13:18 - 2013-10-22 13:18 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA 2013-10-22 13:16 - 2013-10-22 16:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-22 13:16 - 2013-10-22 13:34 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-10-22 13:16 - 2012-07-30 23:04 - 00690832 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys 2013-10-22 13:16 - 2012-07-30 23:04 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2013-10-22 13:15 - 2013-10-23 13:21 - 00000000 ____D C:\Program Files (x86)\Intel 2013-10-22 13:15 - 2012-09-14 08:59 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2013-10-22 13:12 - 2013-10-30 15:55 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4019318604-2835077012-2547861510-1001 2013-10-22 13:11 - 2013-10-30 16:16 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-22 13:11 - 2013-10-30 15:55 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-22 13:11 - 2013-10-30 15:49 - 00001110 _____ 
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-22 13:11 - 2013-10-22 14:13 - 00000000 ____D C:\Users\H\AppData\Local\Google 2013-10-22 13:11 - 2013-10-22 14:13 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-22 13:11 - 2013-10-22 13:11 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-22 13:11 - 2013-10-22 13:11 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-22 13:11 - 2013-10-22 13:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Macromedia 2013-10-22 13:07 - 2013-10-29 17:09 - 00000000 __RDO C:\Users\H\SkyDrive 2013-10-22 13:07 - 2013-10-22 13:07 - 00000000 ____D C:\Users\H\AppData\Local\PackageStaging 2013-10-22 13:06 - 2013-10-23 09:59 - 00000000 ____D C:\Users\H\AppData\Local\Packages 2013-10-22 13:06 - 2013-10-22 16:38 - 00000000 ____D C:\Users\H\AppData\Local\VirtualStore 2013-10-22 13:06 - 2013-10-22 14:39 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-22 13:06 - 2013-10-22 14:39 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-22 13:06 - 2013-10-22 14:05 - 00000000 ____D C:\Users\H\AppData\Roaming\Adobe 2013-10-22 13:06 - 2013-10-22 13:06 - 00001454 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-22 13:05 - 2013-10-28 15:31 - 00000000 ____D C:\Users\H 2013-10-22 13:05 - 2013-10-22 13:05 - 00000020 ___SH C:\Users\H\ntuser.ini 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Vorlagen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Startmenü 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Netzwerkumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Lokale Einstellungen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Eigene Dateien 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Druckumgebung 2013-10-22 13:05 - 2013-10-22 13:05 
- 00000000 _SHDL C:\Users\H\Documents\Eigene Musik 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Bilder 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Verlauf 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Anwendungsdaten 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Anwendungsdaten 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-10-22 13:05 - 2013-08-22 16:36 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-22 13:04 - 2013-10-22 13:04 - 00000000 ____D C:\Windows\CSC 2013-10-22 13:04 - 2013-09-29 05:08 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-10-22 13:04 - 2013-09-29 05:00 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2013-10-22 13:04 - 2013-09-29 04:50 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-10-22 13:04 - 2013-09-29 04:44 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2013-10-22 13:04 - 2013-09-29 04:37 - 00837120 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2013-10-22 13:04 - 2013-09-29 04:28 - 00698880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2013-10-22 13:04 - 2013-08-22 06:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2013-10-22 13:00 - 2013-10-22 13:00 - 
00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Startmenü 
2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-10-22 12:59 - 2013-10-22 12:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-10-03 22:43 - 2013-10-03 22:43 - 04067328 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 04010144 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 02813952 _____ |
#12

Code:
ATTFilter C:\Windows\system32\iglhxa64.cpa 2013-10-03 22:43 - 2013-10-03 22:43 - 02474832 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 01423520 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01123328 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00844760 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00750752 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00632480 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00598688 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00391128 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00344736 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 00241664 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00214528 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00209056 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00193536 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3316.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 
00179712 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00176288 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00121504 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00094368 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00066560 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 00044025 _____ C:\Windows\system32\iglhxo64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043494 _____ C:\Windows\system32\iglhxc64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00043256 _____ C:\Windows\system32\iglhxg64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00002940 _____ C:\Windows\system32\iglhxs64.vp 2013-10-03 22:43 - 2013-10-03 22:43 - 00001125 _____ C:\Windows\system32\iglhxa64.vp 2013-10-03 22:42 - 2013-10-03 22:42 - 25986048 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 20946944 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 13871616 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 13272576 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 12130304 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2013-10-03 22:42 - 
2013-10-03 22:42 - 11417600 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 07784448 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 07587800 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 06155264 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 04434432 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 04185600 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2013-10-03 22:42 - 2013-10-03 22:42 - 03524608 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 03292672 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02974208 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02384896 _____ C:\Windows\system32\GfxRes.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 02064896 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 01814016 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00771032 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00769496 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00754648 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00623616 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00530392 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 
2013-10-03 22:42 - 2013-10-03 22:42 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00524288 _____ (Intel Corporation) 
C:\Windows\system32\igfxrptb.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00517120 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00513024 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00492032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00412160 _____ C:\Windows\system32\igdmd64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00396248 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00393688 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2013-10-03 22:42 - 2013-10-03 22:42 - 00343040 _____ C:\Windows\SysWOW64\igdmd32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2013-10-03 22:42 - 2013-10-03 22:42 - 00265030 _____ C:\Windows\system32\Gfxres.th-TH.resources 
2013-10-03 22:42 - 2013-10-03 22:42 - 00251250 _____ C:\Windows\system32\Gfxres.el-GR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00233293 _____ C:\Windows\system32\Gfxres.ru-RU.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00223744 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00220672 _____ C:\Windows\system32\igdde64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00199323 _____ C:\Windows\system32\Gfxres.ar-SA.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00196855 _____ C:\Windows\system32\Gfxres.ja-JP.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00194048 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00190937 _____ C:\Windows\system32\Gfxres.he-IL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00180736 _____ C:\Windows\SysWOW64\igdde32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00179235 _____ C:\Windows\system32\Gfxres.ko-KR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00179170 _____ C:\Windows\system32\Gfxres.it-IT.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176818 _____ C:\Windows\system32\Gfxres.es-ES.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176555 _____ C:\Windows\system32\Gfxres.fr-FR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00176526 _____ C:\Windows\system32\Gfxres.de-DE.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00175165 _____ C:\Windows\system32\Gfxres.ro-RO.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00174165 _____ C:\Windows\system32\Gfxres.hu-HU.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173876 _____ C:\Windows\system32\Gfxres.tr-TR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173626 _____ C:\Windows\system32\Gfxres.pl-PL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00173401 _____ C:\Windows\system32\Gfxres.nl-NL.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00172630 _____ 
C:\Windows\system32\Gfxres.pt-BR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171980 _____ C:\Windows\system32\Gfxres.fi-FI.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171631 _____ C:\Windows\system32\Gfxres.sk-SK.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171464 _____ C:\Windows\system32\Gfxres.sv-SE.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00171207 _____ C:\Windows\system32\Gfxres.pt-PT.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00170928 _____ C:\Windows\system32\Gfxres.cs-CZ.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00170073 _____ C:\Windows\system32\Gfxres.hr-HR.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00166591 _____ C:\Windows\system32\Gfxres.sl-SI.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00165303 _____ C:\Windows\system32\Gfxres.nb-NO.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00164653 _____ C:\Windows\system32\Gfxres.da-DK.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00160256 _____ C:\Windows\system32\igdail64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00159945 _____ C:\Windows\system32\Gfxres.en-US.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00158720 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00153231 _____ C:\Windows\system32\Gfxres.zh-TW.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00153048 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2013-10-03 22:42 - 2013-10-03 22:42 - 00151479 _____ C:\Windows\system32\Gfxres.zh-CN.resources 2013-10-03 22:42 - 2013-10-03 22:42 - 00149504 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00142848 _____ C:\Windows\SysWOW64\igdail32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00133120 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00128000 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2013-10-03 22:42 - 2013-10-03 22:42 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll 
2013-10-03 22:42 - 2013-10-03 22:42 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-10-03 22:42 - 2013-10-03 22:42 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-10-03 22:42 - 2013-10-03 22:42 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-09-30 17:16 - 2013-09-26 22:35 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2013-09-30 17:16 - 2013-09-26 10:08 - 00039320 _____ (Intel Corporation) C:\Windows\system32\Drivers\intelaud.sys
2013-09-30 17:16 - 2013-09-26 10:08 - 00027032 _____ (Intel Corporation) C:\Windows\system32\Drivers\iwdbus.sys

==================== One Month Modified Files and Folders =======

2013-10-30 16:36 - 2013-10-30 16:36 - 01956614 _____ (Farbar) C:\Users\H\Downloads\FRST64.exe
2013-10-30 16:16 - 2013-10-22 13:11 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-30 16:05 - 2013-10-27 18:28 - 00281220 _____ C:\Windows\WindowsUpdate.log
2013-10-30 16:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2013-10-30 15:56 - 2013-10-30 15:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-30 15:55 - 2013-10-30 15:55 - 02347384 _____ (ESET) C:\Users\H\Downloads\esetsmartinstaller_enu.exe
2013-10-30 15:55 - 2013-10-22 13:12 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4019318604-2835077012-2547861510-1001
2013-10-30 15:55 - 2013-10-22 13:11 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-30 15:55 - 2013-08-23 00:24 - 00726688 _____ C:\Windows\system32\perfh007.dat
2013-10-30 15:55 - 2013-08-23 00:24 - 00151380 _____ C:\Windows\system32\perfc007.dat
2013-10-30 15:49 - 2013-10-22 13:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-30 15:49 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 22:53 - 2013-10-22 16:39 - 00000000 ____D C:\Users\H\AppData\Roaming\KeePass
2013-10-29 22:53 - 2013-08-22 14:25 - 00262144
___SH C:\Windows\system32\config\BBI 2013-10-29 22:23 - 2013-10-22 15:19 - 00000000 ____D C:\Users\H\AppData\Local\PokerStars.EU 2013-10-29 20:38 - 2013-10-22 15:27 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4 2013-10-29 18:35 - 2013-10-28 15:17 - 00002451 _____ C:\Users\H\Desktop\Neues Textdokument (3).txt 2013-10-29 17:09 - 2013-10-22 13:07 - 00000000 __RDO C:\Users\H\SkyDrive 2013-10-29 10:35 - 2013-10-29 10:34 - 00000000 ___SD C:\32788R22FWJFW 2013-10-29 10:32 - 2013-10-29 10:32 - 00000000 ____D C:\Windows\erdnt 2013-10-29 10:31 - 2013-10-29 10:31 - 05137071 ____R (Swearware) C:\Users\H\Desktop\ComboFix.exe 2013-10-29 10:27 - 2013-10-29 10:27 - 00000000 ____D C:\Windows\ERUNT 2013-10-29 10:25 - 2013-10-29 10:23 - 00000000 ____D C:\AdwCleaner 2013-10-29 10:23 - 2013-10-29 10:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-29 10:17 - 2013-10-29 10:17 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2013-10-29 10:17 - 2013-10-29 10:17 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-29 10:16 - 2013-10-29 10:16 - 12576792 _____ (Malwarebytes Corp.) 
C:\Users\H\Downloads\mbar- 2013-10-29 10:16 - 2013-10-29 10:15 - 01033335 _____ (Thisisu) C:\Users\H\Downloads\JRT.exe 2013-10-29 10:15 - 2013-10-29 10:15 - 01060070 _____ C:\Users\H\Downloads\adwcleaner.exe 2013-10-28 18:34 - 2013-10-22 14:52 - 00000000 ____D C:\Users\H\AppData\Local\JDownloader 2.0 2013-10-28 16:08 - 2013-10-28 16:08 - 00032733 _____ C:\Users\H\Downloads\Logfiles (1).zip 2013-10-28 15:57 - 2013-10-22 16:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Media Player Classic 2013-10-28 15:36 - 2013-10-28 15:36 - 00032733 _____ C:\Users\H\Downloads\Logfiles.zip 2013-10-28 15:31 - 2013-10-28 15:31 - 00000236 _____ C:\Users\H\Downloads\defogger_enable.log 2013-10-28 15:31 - 2013-10-22 13:05 - 00000000 ____D C:\Users\H 2013-10-28 15:30 - 2013-10-28 15:30 - 00050477 _____ C:\Users\H\Downloads\Defogger.exe 2013-10-28 15:30 - 2013-10-28 15:30 - 00000464 _____ C:\Users\H\Downloads\defogger_disable.log 2013-10-28 15:25 - 2013-10-28 15:25 - 00052979 _____ C:\Users\H\Downloads\Gmer.txt 2013-10-28 15:08 - 2013-10-28 15:07 - 00022242 _____ C:\Users\H\Downloads\Addition.txt 2013-10-28 15:07 - 2013-10-28 15:07 - 00000000 ____D C:\FRST 2013-10-28 15:05 - 2013-10-28 15:05 - 00377856 _____ C:\Users\H\Downloads\pwsjf110.exe 2013-10-27 18:25 - 2013-10-27 18:25 - 00002982 _____ C:\Windows\PFRO.log 2013-10-27 18:25 - 2013-10-22 15:31 - 00036352 ___SH C:\Users\H\Desktop\Thumbs.db 2013-10-27 18:22 - 2013-10-27 18:22 - 00000000 ____D C:\Users\H\Downloads\Rockchip_Batch_Tool_v1.7 2013-10-27 18:09 - 2013-10-27 18:03 - 00000000 ____D C:\Users\H\Downloads\treiber 2013-10-27 18:06 - 2013-10-27 18:03 - 00000000 ____D C:\ProgramData\88e5f17f07f338ab 2013-10-27 18:04 - 2013-10-27 18:04 - 00000000 ____D C:\ProgramData\WinterSoft 2013-10-27 18:04 - 2013-10-27 18:02 - 00000000 ____D C:\ProgramData\InstallMate 2013-10-27 17:44 - 2013-10-27 17:44 - 00000000 ____D C:\Users\H\Downloads\update_release03 2013-10-27 17:44 - 2013-10-27 17:26 - 283612513 _____ 
C:\Users\H\Downloads\update_release03.zip 2013-10-27 17:41 - 2013-10-27 16:09 - 283608132 _____ C:\Users\H\Downloads\beta_JB_04.zip 2013-10-27 16:56 - 2013-10-27 16:56 - 40344091 _____ C:\Users\H\Downloads\mk808_mod.wmv 2013-10-26 20:57 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\XBMC 2013-10-26 20:55 - 2013-10-26 20:55 - 00171522 _____ C:\Program Files (x86)\plugin.video.istream.ws (1).zip 2013-10-26 20:52 - 2013-10-26 20:52 - 00003998 _____ C:\Users\H\Desktop\XBMC.exe - Verknüpfung.lnk 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC 2013-10-26 20:46 - 2013-10-26 20:46 - 00000000 ____D C:\Program Files (x86)\XBMC 2013-10-26 20:44 - 2013-10-26 20:43 - 51965718 _____ C:\Users\H\Downloads\xbmc-12.2.exe 2013-10-26 00:03 - 2013-10-24 19:32 - 00000000 ____D C:\Users\H\Desktop\GesundheitsÖko 2013-10-25 16:19 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2013-10-24 12:03 - 2013-10-24 12:03 - 08354171 _____ C:\Users\H\Downloads\Frauentausch mit bvb fan uwe Video - Protofex - MyVideo.flv 2013-10-23 13:59 - 2013-10-22 15:33 - 00000000 ____D C:\Users\postgres 2013-10-23 13:59 - 2013-08-22 14:25 - 52953088 _____ C:\Windows\system32\config\SOFTWARE_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 11272192 _____ C:\Windows\system32\config\SYSTEM_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00524288 _____ C:\Windows\system32\config\DEFAULT_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00262144 _____ C:\Windows\system32\config\SECURITY_tureg_old 2013-10-23 13:59 - 2013-08-22 14:25 - 00262144 _____ C:\Windows\system32\config\SAM_tureg_old 2013-10-23 13:51 - 2013-10-23 13:51 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler 2013-10-23 13:50 - 2013-10-23 13:29 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-10-23 13:48 - 2013-10-23 13:48 - 00000000 ____D C:\Users\H\AppData\Roaming\TuneUp Software 2013-10-23 13:48 - 2013-10-23 13:47 - 
00000000 ____D C:\ProgramData\TuneUp Software 2013-10-23 13:21 - 2013-10-22 13:15 - 00000000 ____D C:\Program Files (x86)\Intel 2013-10-23 13:20 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-10-23 12:01 - 2013-10-29 10:54 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2013-10-23 09:59 - 2013-10-29 10:54 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2013-10-23 09:59 - 2013-10-22 13:06 - 00000000 ____D C:\Users\H\AppData\Local\Packages 2013-10-23 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2013-10-22 23:50 - 2013-10-22 15:32 - 00000138 _____ C:\Users\H\Desktop\Amazon Gutscheine.txt 2013-10-22 23:18 - 2013-10-22 23:18 - 00015435 _____ C:\Users\H\Downloads\psid_2007_comp_meth.zip 2013-10-22 23:12 - 2013-10-22 23:12 - 00027978 _____ C:\Users\H\Downloads\GLUCKSY.zip 2013-10-22 17:40 - 2013-10-22 14:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-10-22 17:38 - 2013-10-22 15:21 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu 2013-10-22 17:20 - 2013-10-22 17:20 - 00000890 _____ C:\Users\H\Desktop\Downloads - Verknüpfung.lnk 2013-10-22 17:19 - 2013-10-22 14:22 - 00000000 ____D C:\Users\H\AppData\Roaming\Winamp 2013-10-22 16:42 - 2013-10-22 16:42 - 00001058 _____ C:\Users\H\Desktop\StarsHelper.lnk 2013-10-22 16:42 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\StarsHelper 2013-10-22 16:38 - 2013-10-22 13:06 - 00000000 ____D C:\Users\H\AppData\Local\VirtualStore 2013-10-22 16:37 - 2013-10-22 16:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Browny02 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\Brother 2013-10-22 16:31 - 2013-10-22 16:31 - 00000000 ____D C:\Brother 2013-10-22 16:31 - 2013-10-22 16:30 - 00000000 ____D C:\ProgramData\Brother 2013-10-22 16:30 - 2013-10-22 16:30 - 00000000 ____D 
C:\Users\H\AppData\Roaming\InstallShield 2013-10-22 16:30 - 2013-10-22 13:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-22 16:22 - 2013-10-22 16:22 - 00000000 ____D C:\ProgramData\Canneverbe Limited 2013-10-22 16:22 - 2013-10-22 15:19 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU 2013-10-22 16:21 - 2013-10-22 16:21 - 00000000 ____D C:\Users\H\AppData\Roaming\OpenOffice 2013-10-22 16:19 - 2013-10-22 16:19 - 00000000 ____D C:\Program Files\7-Zip 2013-10-22 16:15 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\Documents\Calibre-Bibliothek 2013-10-22 16:15 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Roaming\calibre 2013-10-22 16:14 - 2013-10-22 16:14 - 00000000 ____D C:\Users\H\AppData\Local\calibre-cache 2013-10-22 15:57 - 2013-10-22 15:57 - 00000000 ____D C:\Users\H\AppData\Local\StarsHelper 2013-10-22 15:55 - 2013-10-22 15:55 - 00000956 _____ C:\Users\H\Desktop\Audio Converter.lnk 2013-10-22 15:55 - 2013-10-22 15:55 - 00000000 ____D C:\Program Files (x86)\Tools 2013-10-22 15:55 - 2013-10-22 15:53 - 30100565 _____ C:\Program Files (x86)\AudioConverterTools.ZIP 2013-10-22 15:49 - 2013-10-22 15:28 - 00000000 ____D C:\Users\H\AppData\Local\PokerTracker 4 2013-10-22 15:49 - 2013-10-22 15:22 - 00000000 ____D C:\Users\H\AppData\Local\FullTiltPoker.eu 2013-10-22 15:33 - 2013-10-22 15:33 - 00000020 ___SH C:\Users\postgres\ntuser.ini 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Vorlagen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Startmenü 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Netzwerkumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Lokale Einstellungen 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Eigene Dateien 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Druckumgebung 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL 
C:\Users\postgres\Documents\Eigene Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Documents\Eigene Bilder 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Verlauf 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 _SHDL C:\Users\postgres\Anwendungsdaten 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Uni 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Txt 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Users\H\Desktop\Musik 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\PostgreSQL 2013-10-22 15:28 - 2013-10-22 15:28 - 00005002 _____ C:\ProgramData\flwjycbm.bab 2013-10-22 15:28 - 2013-10-22 15:28 - 00001090 _____ C:\Users\H\Desktop\PokerTracker 4.lnk 2013-10-22 15:28 - 2013-10-22 15:28 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2013-10-22 15:23 - 2013-10-22 15:23 - 00000814 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk 2013-10-22 15:23 - 2013-10-22 15:23 - 00000784 _____ C:\Users\H\Desktop\William Hill Poker.lnk 2013-10-22 15:23 - 2013-10-22 15:18 - 00000000 ____D C:\Poker 2013-10-22 15:22 - 2013-10-22 15:22 - 00000000 ____D C:\Users\H\AppData\Local\cache 2013-10-22 15:21 - 2013-10-22 15:21 - 00001094 _____ C:\Users\Public\Desktop\Full Tilt Poker.Eu.lnk 2013-10-22 15:21 - 2013-10-22 15:18 - 00000772 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winner Poker.lnk 2013-10-22 15:21 - 2013-10-22 15:18 - 00000742 _____ C:\Users\H\Desktop\Winner Poker.lnk 2013-10-22 15:20 - 2013-10-22 15:20 - 00000751 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk 
2013-10-22 15:20 - 2013-10-22 15:20 - 00000721 _____ C:\Users\H\Desktop\Poker 770.lnk 2013-10-22 15:19 - 2013-10-22 15:19 - 00001100 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00001713 _____ C:\Users\H\Desktop\partypoker.lnk 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\Party 2013-10-22 15:18 - 2013-10-22 15:18 - 00000000 ____D C:\Users\H\AppData\Roaming\cef-cache 2013-10-22 15:17 - 2013-10-22 15:17 - 00000000 ____D C:\Program Files (x86)\Partypoker 2013-10-22 14:53 - 2013-10-22 14:53 - 00000000 ____D C:\Program Files\ffdshow 2013-10-22 14:52 - 2013-10-22 14:52 - 00002099 _____ C:\Users\H\Desktop\JDownloader 2.lnk 2013-10-22 14:52 - 2013-10-22 14:52 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2013-10-22 14:46 - 2013-10-22 14:46 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2013-10-22 14:46 - 2013-10-22 14:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-10-22 14:45 - 2013-10-22 14:45 - 00000000 ____D C:\Users\H\Documents\ProcAlyzer Dumps 2013-10-22 14:43 - 2013-10-22 14:43 - 00005900 _____ C:\Users\H\Desktop\install.txt 2013-10-22 14:42 - 2013-10-22 13:59 - 00000000 ____D C:\Windows\Panther 2013-10-22 14:39 - 2013-10-22 14:38 - 00000000 ___RD C:\Windows\BrowserChoice 2013-10-22 14:39 - 2013-10-22 14:24 - 00000000 ____D C:\Users\H\AppData\Roaming\Skype 2013-10-22 14:39 - 2013-10-22 14:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-22 14:39 - 2013-10-22 14:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-22 14:39 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Dropbox 2013-10-22 14:39 - 2013-10-22 14:10 - 00000000 ____D C:\Program Files\Avast 2013-10-22 14:39 - 2013-10-22 13:06 - 00000000 ___RD C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-22 14:39 - 2013-10-22 13:06 - 00000000 ___RD 
C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-22 14:39 - 2013-08-22 15:44 - 00360936 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-22 14:38 - 2013-10-22 14:38 - 00000000 ____D C:\Program Files\Intel 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\FileManager 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Camera 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender 2013-10-22 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe 2013-10-22 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism 2013-10-22 14:31 - 2013-10-22 14:31 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2013-10-22 14:31 - 2013-10-22 14:31 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2013-10-22 14:30 - 2013-10-22 14:30 - 00000000 ____D C:\Program Files (x86)\Biet-O-Matic 2013-10-22 14:26 - 2013-10-22 14:26 - 00000000 ____D C:\Program Files\Tracker Software 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\ProgramData\Skype 2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-10-22 14:23 - 2013-10-22 14:23 - 00000000 ____D C:\Program Files (x86)\Veetle 2013-10-22 14:22 - 2013-10-22 14:22 - 00000995 _____ C:\Users\Public\Desktop\Winamp.lnk 2013-10-22 14:22 - 2013-10-22 14:22 - 00000000 ____D C:\Program Files (x86)\Winamp 2013-10-22 14:21 - 2013-10-22 14:21 - 00002764 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 
2013-10-22 14:21 - 2013-10-22 14:21 - 00000000 ____D C:\Program Files\CCleaner 2013-10-22 14:19 - 2013-10-22 14:19 - 00000000 ____D C:\Users\H\AppData\Roaming\Malwarebytes 2013-10-22 14:18 - 2013-10-22 14:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-22 14:18 - 2013-10-22 14:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-22 14:17 - 2013-10-22 14:17 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2013-10-22 14:16 - 2013-10-22 14:16 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-22 14:16 - 2013-10-22 14:16 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-22 14:16 - 2013-10-22 14:16 - 00000000 ____D C:\ProgramData\Sun 2013-10-22 14:16 - 2013-10-22 14:16 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-22 14:16 - 2013-10-22 14:15 - 00000000 ____D C:\ProgramData\Oracle 2013-10-22 14:15 - 2013-10-22 14:15 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-10-22 14:15 - 2013-10-22 14:15 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files\Java 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files\Image Resizer for Windows 2013-10-22 14:15 - 2013-10-22 14:15 - 00000000 ____D C:\Program Files (x86)\Image Resizer for Windows 2013-10-22 14:15 - 2013-10-22 13:28 - 00000000 ____D C:\ProgramData\Package Cache 2013-10-22 14:14 - 2013-10-22 14:14 - 00001714 _____ C:\Users\H\Desktop\MPC-HC x64.lnk 
2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Program Files\MPC-HC 2013-10-22 14:14 - 2013-10-22 14:14 - 00000000 ____D C:\Program Files (x86)\Haali 2013-10-22 14:13 - 2013-10-22 14:13 - 00002232 _____ C:\Users\Public\Desktop\Google Earth.lnk 2013-10-22 14:13 - 2013-10-22 13:11 - 00000000 ____D C:\Users\H\AppData\Local\Google 2013-10-22 14:13 - 2013-10-22 13:11 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-22 14:11 - 2013-10-22 14:11 - 00001965 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Canneverbe Limited 2013-10-22 14:11 - 2013-10-22 14:11 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2013-10-22 14:10 - 2013-10-22 14:10 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-10-22 14:10 - 2013-10-22 14:10 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-10-22 14:10 - 2013-10-22 14:10 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-10-22 14:10 - 2013-10-22 14:10 - 00000000 ____D C:\Users\H\AppData\Roaming\AVAST Software 2013-10-22 
14:10 - 2013-10-22 14:10 - 00000000 ____D C:\Program Files\Calibre2 2013-10-22 14:09 - 2013-10-22 14:09 - 00000000 ____D C:\ProgramData\AVAST Software 2013-10-22 14:06 - 2013-10-22 14:06 - 00000394 _____ C:\InstallHelper.log 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\ProgramData\eBay 2013-10-22 14:06 - 2013-10-22 14:06 - 00000000 ____D C:\Program Files (x86)\eBay 2013-10-22 14:05 - 2013-10-22 15:33 - 00000000 ____D C:\Users\postgres\AppData\Roaming\Macromedia 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\H\AppData\Local\Adobe 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\ProgramData\Adobe 2013-10-22 14:05 - 2013-10-22 14:05 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-10-22 14:05 - 2013-10-22 13:06 - 00000000 ____D C:\Users\H\AppData\Roaming\Adobe 2013-10-22 13:59 - 2013-08-22 16:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Roaming\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\Users\H\AppData\Local\ATI 2013-10-22 13:36 - 2013-10-22 13:36 - 00000000 ____D C:\ProgramData\ATI 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-10-22 13:34 - 2013-10-22 13:34 - 00000000 ____D C:\Program Files\Realtek 2013-10-22 13:34 - 2013-10-22 13:16 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-10-22 13:28 - 2013-10-22 13:28 - 00061389 _____ C:\Windows\SysWOW64\CCCInstall_201310221428519465.log 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\ProgramData\AMD 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program 
Files\ATI 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-10-22 13:28 - 2013-10-22 13:28 - 00000000 _____ C:\Windows\ativpsrm.bin 2013-10-22 13:28 - 2013-10-22 13:27 - 00000000 ____D C:\Program Files\ATI Technologies 2013-10-22 13:18 - 2013-10-22 13:18 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA 2013-10-22 13:11 - 2013-10-22 13:11 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-22 13:11 - 2013-10-22 13:11 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-22 13:11 - 2013-10-22 13:11 - 00000000 ____D C:\Users\H\AppData\Roaming\Macromedia 2013-10-22 13:07 - 2013-10-22 13:07 - 00000000 ____D C:\Users\H\AppData\Local\PackageStaging 2013-10-22 13:06 - 2013-10-22 13:06 - 00001454 _____ C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-22 13:06 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore 2013-10-22 13:05 - 2013-10-22 13:05 - 00000020 ___SH C:\Users\H\ntuser.ini 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Vorlagen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Startmenü 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Netzwerkumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Lokale Einstellungen 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Eigene Dateien 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Druckumgebung 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Musik 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Documents\Eigene Bilder 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Verlauf 2013-10-22 13:05 - 
2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\AppData\Local\Anwendungsdaten 2013-10-22 13:05 - 2013-10-22 13:05 - 00000000 _SHDL C:\Users\H\Anwendungsdaten 2013-10-22 13:04 - 2013-10-22 13:04 - 00000000 ____D C:\Windows\CSC 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Users\Default 
User\AppData\Local\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Programme 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Startmenü 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-10-22 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Recovery 2013-10-22 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT 2013-10-22 13:00 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default 2013-10-22 12:59 - 2013-10-22 12:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-10-22 11:47 - 2013-10-22 15:31 - 00006094 _____ C:\Program Files (x86)\Keepass.kdbx 2013-10-21 21:31 - 2013-10-22 15:31 - 00000147 _____ C:\Users\H\Desktop\Neues Textdokument.txt 2013-10-18 17:43 - 2013-10-22 15:31 - 00014741 _____ C:\Users\H\Desktop\Bankgebühren.odt 2013-10-16 12:39 - 2013-10-22 15:31 - 00000112 _____ C:\Users\H\Desktop\Neues Textdokument (2).txt 2013-10-03 22:43 - 2013-10-03 22:43 - 04067328 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 04010144 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa 2013-10-03 22:43 - 2013-10-03 22:43 - 02474832 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe 2013-10-03 22:43 - 2013-10-03 22:43 - 01423520 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll 2013-10-03 22:43 - 2013-10-03 22:43 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2013-10-03 22:43 - 
Some content of TEMP:
====================
C:\Users\H\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

LastRegBack: 2013-10-22 12:59

==================== End Of Log ============================

The log files are shown above.
No, I can't detect any problems anymore; it is running as usual again. Can you read anything else out of the log files? Once again, many thanks for the work!
#13
/// the machine /// TB-Ausbilder
Done.
The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE because they do not use ActiveX controls. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate | Guides and help | Trojaner-Board Facebook page
No help via PM!
#14
Did everything as instructed. The computer is running normally again. Many thanks for the work!
#15
/// the machine /// TB-Ausbilder
You're welcome.