Bereinigung des Laptops

brainInfect · 14.02.2014, 13:57

Hallo liebe Forengemeinde,

ich bin nun schon seit einiger Zeit hier angemeldet und bin immer wieder begeistert über euren Service und bin dementsprechend arg froh, dass es dieses Forum gibt.

Zuletzt habe ich meinen Laptop, natürlich mit eurer Hilfe, im August letzten Jahres bereinigt.

Aktuell kommt es mir so vor, als ob der Rechner immer langsamer arbeitet. Ich habe deswegen Malwarebytes durchlaufen lassen und der hat direkt mal sechs Bedrohungen gefunden. Allerdings habe ich irgendwie das Gefühl, dass da noch mehr ist. Deswegen erbitte ich quasi um Audienz und würde gerne mit einem eurer Techniker mein Windows mal durchpusten.

Liebe Grüße
brainInfect

Aneri · 14.02.2014, 14:23

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

brainInfect · 14.02.2014, 14:57

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by smoking caterpillar (administrator) on SMOKINGCATERPIL on 14-02-2014 14:54:15
Running from C:\Users\smoking caterpillar\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Spotify Ltd) C:\Users\smoking caterpillar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [384232 2012-07-13] (BillP Studios)
HKLM\...\Run: [BoxSync] - C:\Program Files\Box\Box Sync\BoxSync.exe [11187400 2013-09-26] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [384232 2012-07-13] (BillP Studios)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-15] (SUPERAntiSpyware)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Java(TM) Platform SE binary] - C:\Program Files (x86)\Java\jre7\bin\java.exe [6563608 2014-01-15] (SUPERAntiSpyware)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] ()
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Spotify Web Helper] - C:\Users\smoking caterpillar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-20] (Spotify Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC88C238B0A0CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&k=0
SearchScopes: HKCU - {28413F52-C3C2-46DB-B1CB-368141F6C2FF} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {3F751673-DDA5-4D1E-B8DC-3468E47EA37F} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {4623BECF-5FAB-4FED-8378-F2CAA48B6FCE} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {85BF947F-DD9F-4C9E-B0D6-73AA3A22E83D} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {8E02FD86-005F-44A7-BBB8-BF74A430A7AB} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {DF4FDD1E-FDAC-4A22-BB8B-EFE3D030728C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Flagfox - {BA7B8F39-DF7F-4A98-83E9-57CE6ED9CA24} - C:\Users\smoking caterpillar\AppData\LocalLow\Flagfox\IE\Flagfox.dll (Dave G)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default
FF DefaultSearchEngine: Startpage HTTPS - Deutsch
FF SelectedSearchEngine: Startpage HTTPS - Deutsch
FF Homepage: hxxp://google.de
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 445
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: LavaFox V2 - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\info@djzig.com [2014-01-14]
FF Extension: LavaFox V2-Purple - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\zigboom555@aol.com [2014-01-13]
FF Extension: WOT - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: Block site - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-10-09]
FF Extension: ReloadEvery - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-07-23]
FF Extension: Adblock Plus - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-29]
FF HKLM-x32\...\Firefox\Extensions: [gamescenter@gamescenter.com] - C:\Program Files (x86)\GamesCenter\GamesCenter.xpi
FF Extension: Games Center - C:\Program Files (x86)\GamesCenter\GamesCenter.xpi [2013-02-11]

Chrome: 
=======
CHR Extension: (Flagfox) - C:\Users\smoking caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfdfamfnacokbbbnmpdfmhonipnhmbid [2013-06-21]
CHR HKLM-x32\...\Chrome\Extension: [cfdfamfnacokbbbnmpdfmhonipnhmbid] - C:\Users\smoking caterpillar\AppData\LocalLow\Flagfox\CHROME\Flagfox.crx [2013-04-28]
CHR HKLM-x32\...\Chrome\Extension: [dehjbbcmklelglapfndfbomoaooippkb] - C:\Program Files (x86)\GamesCenter\GamesCenter.crx [2013-04-28]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [18944 2013-09-26] (Box Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-14 14:54 - 2014-02-14 14:54 - 00016664 _____ () C:\Users\smoking caterpillar\Desktop\FRST.txt
2014-02-14 14:54 - 2014-02-14 14:54 - 00000000 ____D () C:\FRST
2014-02-14 14:53 - 2014-02-14 14:53 - 02152960 _____ (Farbar) C:\Users\smoking caterpillar\Desktop\FRST64.exe
2014-02-12 17:36 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 17:36 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 17:35 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 17:35 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 17:35 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 17:35 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 17:35 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 17:35 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 17:35 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 17:35 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 17:35 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 17:35 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 17:35 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 17:35 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 17:35 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 17:35 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 17:35 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 17:35 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 17:35 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 17:35 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 17:35 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 17:35 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 17:35 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 17:35 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 17:35 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 17:35 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 17:35 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 17:35 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 17:35 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 17:35 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 17:35 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 17:35 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 17:35 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 17:35 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 17:35 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 17:35 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 17:35 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 17:35 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 17:35 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 17:35 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 17:35 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 17:34 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 17:34 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 17:34 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 17:34 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 17:34 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 17:34 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 17:34 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 17:34 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 17:34 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 17:33 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 17:33 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 17:33 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 17:33 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 17:33 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 17:33 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-01-26 16:50 - 2014-01-27 23:32 - 00000000 ____D () C:\Users\smoking caterpillar\Documents\Dream on
2014-01-21 20:08 - 2014-01-21 20:08 - 00008544 _____ () C:\Users\smoking caterpillar\AppData\Local\recently-used.xbel
2014-01-18 14:43 - 2014-01-18 14:43 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-01-15 19:53 - 2014-01-15 19:53 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-15 19:53 - 2014-01-15 19:53 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-15 19:53 - 2014-01-15 19:53 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-15 19:53 - 2014-01-15 19:53 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-15 19:53 - 2014-01-15 19:53 - 00000000 ____D () C:\Program Files\Java
2014-01-15 19:05 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-15 19:05 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-15 19:05 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-15 19:05 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 19:04 - 2014-01-15 19:05 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 11:52 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 11:52 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 11:52 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 11:52 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 11:52 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 11:52 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 11:52 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 11:52 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 11:52 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2014-02-14 14:55 - 2012-10-02 19:00 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Last.fm
2014-02-14 14:54 - 2014-02-14 14:54 - 00016664 _____ () C:\Users\smoking caterpillar\Desktop\FRST.txt
2014-02-14 14:54 - 2014-02-14 14:54 - 00000000 ____D () C:\FRST
2014-02-14 14:53 - 2014-02-14 14:53 - 02152960 _____ (Farbar) C:\Users\smoking caterpillar\Desktop\FRST64.exe
2014-02-14 14:53 - 2012-10-01 20:19 - 01756841 _____ () C:\Windows\WindowsUpdate.log
2014-02-14 14:24 - 2012-10-02 17:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-14 13:05 - 2013-08-20 00:22 - 00000000 ____D () C:\Users\smoking caterpillar\.rainlendar2
2014-02-14 12:25 - 2012-10-02 19:10 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\vlc
2014-02-14 10:42 - 2012-10-03 23:02 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-14 10:42 - 2010-11-21 07:50 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-14 10:42 - 2010-11-21 07:50 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-14 10:42 - 2009-07-14 06:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-14 10:42 - 2009-07-14 05:45 - 00022512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-14 10:42 - 2009-07-14 05:45 - 00022512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-14 10:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-14 10:35 - 2009-07-14 05:51 - 00108075 _____ () C:\Windows\setupact.log
2014-02-13 22:02 - 2012-11-15 19:11 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Mipony
2014-02-13 03:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 19:58 - 2010-11-21 04:47 - 00038728 _____ () C:\Windows\PFRO.log
2014-02-12 17:59 - 2013-04-15 19:44 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Notepad++
2014-02-12 17:59 - 2013-04-15 19:44 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-12 17:56 - 2012-10-02 17:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-12 17:56 - 2012-10-02 17:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-12 17:56 - 2012-10-02 17:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-12 17:47 - 2013-07-24 07:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 17:44 - 2012-10-02 16:28 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-06 13:16 - 2014-02-12 17:35 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 17:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 17:35 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 17:35 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 17:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 17:35 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 17:35 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 17:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 17:35 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 17:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 17:35 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 17:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 17:35 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 17:35 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 17:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 17:35 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 17:35 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 17:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 17:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 17:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 17:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 17:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 17:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 17:35 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 17:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 17:35 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 17:35 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 17:35 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 17:35 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 17:35 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 17:35 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 17:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 17:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 17:35 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 17:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-06 02:36 - 2012-10-02 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-05 18:53 - 2012-10-06 20:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 14:37 - 2013-08-02 09:23 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Spotify
2014-02-05 14:35 - 2013-08-02 09:24 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Spotify
2014-02-04 13:13 - 2013-11-25 15:17 - 00000057 _____ () C:\Users\smoking caterpillar\Desktop\Anke Adresse.txt
2014-02-02 01:35 - 2013-11-04 16:53 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Aquamarin Haushaltsbuch
2014-01-30 22:39 - 2013-11-10 19:18 - 00000000 _____ () C:\Users\smoking caterpillar\Desktop\KAMPFKOLOSS !!!!!.txt
2014-01-28 08:36 - 2012-10-10 19:02 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Adobe
2014-01-27 23:32 - 2014-01-26 16:50 - 00000000 ____D () C:\Users\smoking caterpillar\Documents\Dream on
2014-01-21 21:20 - 2013-11-15 14:03 - 00000102 _____ () C:\Users\smoking caterpillar\Desktop\BaföG.txt
2014-01-21 20:17 - 2012-11-27 02:58 - 00000000 ____D () C:\Users\smoking caterpillar\.gimp-2.8
2014-01-21 20:08 - 2014-01-21 20:08 - 00008544 _____ () C:\Users\smoking caterpillar\AppData\Local\recently-used.xbel
2014-01-20 09:44 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 14:43 - 2014-01-18 14:43 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-01-18 14:43 - 2013-04-24 15:18 - 00000000 ____D () C:\Program Files (x86)\MP3Gain
2014-01-16 20:20 - 2013-02-11 16:57 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\FileZilla
2014-01-15 19:53 - 2014-01-15 19:53 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-15 19:53 - 2014-01-15 19:53 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-15 19:53 - 2014-01-15 19:53 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-15 19:53 - 2014-01-15 19:53 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-15 19:53 - 2014-01-15 19:53 - 00000000 ____D () C:\Program Files\Java
2014-01-15 19:36 - 2009-07-14 05:45 - 00379552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 19:32 - 2013-06-21 12:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 19:05 - 2014-01-15 19:04 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 19:05 - 2013-10-16 12:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-15 19:05 - 2013-10-16 12:27 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-15 00:53 - 2012-12-10 19:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-13 03:12

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by smoking caterpillar at 2014-02-14 14:55:16
Running from C:\Users\smoking caterpillar\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Aquamarin Haushaltsbuch 2.9.2 b (x32 Version:  - makasy.com)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.8.0 - Asmedia Technology)
ASUS AI Recovery (x32 Version: 1.0.24 - ASUS)
Atheros Driver Installation Program (x32 Version: 9.0 - Atheros)
Box Sync (Version: 4.0.3234.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.3234.0 - Box Inc.) Hidden
calibre (x32 Version: 0.9.14 - Kovid Goyal)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version:  - Microsoft)
DivX-Setup (x32 Version: 2.6.1.87 - DivX, LLC)
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GamesCenter (x32 Version:  - GamesCenter)
GIMP 2.8.2 (Version: 2.8.2 - The GIMP Team)
Intel PROSet Wireless (Version:  - ) Hidden
Intel WiMAX Tutorial (Version: 1.5.3.1 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (Version: 6.05.0000 - Intel Corporation)
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Last.fm Scrobbler 2.1.36 (x32 Version:  - Last.fm)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
MiPony 2.1.1 (x32 Version: 2.1.1 - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (x32 Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panda USB Vaccine 1.0.1.4 (x32 Version:  - Panda Security)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Rainlendar2 (remove only) (x32 Version:  - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.4001) (x32 Version: 3.0.0.4001 - Secunia)
Shutdown Timer (Version: 3.3.4 - Sinvise Systems)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
Sonic Focus (x32 Version: 1.0.0.4 - Synopsys )
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
SpywareBlaster 5.0 (x32 Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (Version: 5.6.1012 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (Version: 15.3.6.0 - Synaptics Incorporated)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.2 (Version: 2.0.2 - VideoLAN)
Winamp (x32 Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinPatrol (Version: 25.0.2012.5 - BillP Studios)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
WOW Slider (x32 Version:  - )

==================== Restore Points  =========================

14-02-2014 09:39:29 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {7FA54300-76BF-4D55-BFE8-CC77F2ABC8F6} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {93D4FC5F-7D3A-416D-B519-86CC4444D154} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {9773D4EB-C093-49EE-8EA0-B92FA58910CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BB96A6BA-9DA6-45A5-A3D8-10449F0F449A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {DAD3D603-9F91-45DE-A964-3BE34A3FE9BF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E536B87C-E6DD-4174-A34C-774BC2C65C2D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {FC9D033E-8999-4D68-A0AF-6B55808F5B0B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-26 13:40 - 2013-09-26 13:40 - 00080896 _____ () C:\Program Files\Box\Box Sync\SystemWrapper.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-03-10 18:58 - 2013-03-10 18:58 - 02598496 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-12-10 18:43 - 2012-06-20 22:23 - 00599419 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2012-05-16 20:01 - 2012-05-16 20:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2013-03-10 18:59 - 2013-03-10 18:59 - 00215648 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 14:22 - 2012-06-17 14:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00417280 _____ () C:\Program Files (x86)\Winamp\nsutil.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00078848 _____ () C:\Program Files (x86)\Winamp\nde.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00064512 _____ () C:\Program Files (x86)\Winamp\zlib.dll
2014-02-14 10:36 - 2014-02-14 10:36 - 00010752 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\auth.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00069120 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\burnlib.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00013824 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\dsp_sps.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00006656 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\enc_fhgaac.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004096 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\enc_flac.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00005632 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\enc_lame.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004096 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\enc_vorbis.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004096 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\enc_wav.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00006144 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\enc_wma.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00023552 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_classicart.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00007168 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_crasher.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00023040 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_ff.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004096 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_find_on_disk.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00011776 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_hotkeys.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00041984 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_jumpex.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00041984 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_jumpex_original.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00021504 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_ml.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00009728 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_nopro.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00007168 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_orgler.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00014848 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_play_remove.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00011776 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_skinmanager.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00010240 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_timerestore.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00008192 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_tray.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00010752 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\gen_undo.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00005120 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_avi.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00014336 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_cdda.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00006656 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_dshow.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00005632 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_flac.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00003584 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_flv.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00003584 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_linein.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00020480 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_midi.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004608 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_mkv.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00018944 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_mod.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00023040 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_mp3.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00005120 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_mp4.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00011776 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_nsv.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00003584 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_swf.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00011264 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_vorbis.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00006656 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_wav.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00005632 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_wave.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00015360 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_wm.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004608 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\in_wv.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00003584 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_addons.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00006656 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_autotag.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00005120 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_bookmarks.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00008704 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_devices.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00047616 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_disc.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00009728 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_downloads.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004608 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_enqplay.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00008704 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_history.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00005120 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_impex.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00056320 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_local.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00003584 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_nowplaying.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00014336 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_online.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004096 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_orb.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00012800 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_playlists.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00034816 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_plg.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00047104 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_pmp.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00005120 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_rg.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00008192 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_transcode.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00014848 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ml_wire.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00036352 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\ombrowser.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00006144 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\out_disk.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00016384 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\out_ds.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00007680 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\out_wave.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00003072 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\playlist.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004608 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\pmp_activesync.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00020480 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\pmp_android.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00036864 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\pmp_ipod.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00003584 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\pmp_njb.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004096 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\pmp_p4s.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00011776 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\pmp_usb.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00039424 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\pmp_wifi.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00006144 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\tagz.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00088064 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\vis_avs.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00156160 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\vis_milk2.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00007680 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\vis_nsfs.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00206336 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\winamp.lng
2014-02-14 10:36 - 2014-02-14 10:36 - 00004096 _____ () C:\Users\smoking caterpillar\AppData\Local\Temp\WLZ5E64.tmp\winampa.lng
2012-06-20 17:14 - 2012-10-02 18:02 - 00023552 _____ () C:\Program Files (x86)\Winamp\System\albumart.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00174080 _____ () C:\Program Files (x86)\Winamp\System\auth.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00019456 _____ () C:\Program Files (x86)\Winamp\System\bmp.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00044544 _____ () C:\Program Files (x86)\Winamp\System\devices.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00016896 _____ () C:\Program Files (x86)\Winamp\System\dlmgr.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00014336 _____ () C:\Program Files (x86)\Winamp\System\filereader.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00019456 _____ () C:\Program Files (x86)\Winamp\System\gif.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00016384 _____ () C:\Program Files (x86)\Winamp\System\gracenote.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00623616 _____ () C:\Program Files (x86)\Winamp\System\jnetlib.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00154624 _____ () C:\Program Files (x86)\Winamp\System\jpeg.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00084480 _____ () C:\Program Files (x86)\Winamp\System\playlist.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00087552 _____ () C:\Program Files (x86)\Winamp\System\png.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00013824 _____ () C:\Program Files (x86)\Winamp\System\primo.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00021504 _____ () C:\Program Files (x86)\Winamp\System\tagz.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00035328 _____ () C:\Program Files (x86)\Winamp\System\timer.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00091136 _____ () C:\Program Files (x86)\Winamp\System\xml.w5s
2012-06-20 17:14 - 2012-10-02 18:02 - 00068608 _____ () C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00102400 _____ () C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00072192 _____ () C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00061440 _____ () C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00043008 _____ () C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00007168 _____ () C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00109568 _____ () C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00049152 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00164864 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00290816 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00052736 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00075264 _____ () C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00023552 _____ () C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00253440 _____ () C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00016896 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00253440 _____ () C:\Program Files (x86)\Winamp\libsndfile.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00313344 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00022528 _____ () C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00052224 _____ () C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00018432 _____ () C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 01737728 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00083968 _____ () C:\Program Files (x86)\Winamp\tataki.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00340992 _____ () C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2012-06-20 17:14 - 2012-10-02 18:02 - 00028160 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
2004-04-25 23:09 - 2004-04-25 23:09 - 00372736 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_httpq.dll
2011-11-10 23:10 - 2012-10-02 18:02 - 00185344 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00318976 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00294912 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00084480 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00249856 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00201728 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00240640 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00060928 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00170496 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00020480 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00118272 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00053760 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00113664 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00028672 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00052224 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00028672 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00057344 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00033792 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00032256 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
2012-06-20 17:14 - 2012-10-02 18:02 - 00025600 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
2012-10-02 16:13 - 2013-12-16 23:19 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-16 12:27 - 2013-12-18 21:05 - 00016808 _____ () C:\Program Files (x86)\Java\jre7\bin\jp2native.dll
2013-01-16 13:55 - 2013-09-03 13:01 - 00736768 _____ () C:\Program Files (x86)\Last.fm\unicorn.dll
2013-01-16 13:55 - 2013-09-03 13:01 - 00032768 _____ () C:\Program Files (x86)\Last.fm\logger.dll
2013-01-16 13:55 - 2013-09-03 09:54 - 00351232 _____ () C:\Program Files (x86)\Last.fm\lastfm.dll
2013-01-16 13:55 - 2013-09-03 13:01 - 00126976 _____ () C:\Program Files (x86)\Last.fm\listener.dll
2013-01-16 13:55 - 2013-01-18 11:39 - 00302592 _____ () C:\Program Files (x86)\Last.fm\phonon.dll
2013-09-04 09:52 - 2013-01-18 11:49 - 00182784 _____ () C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2013-01-16 13:55 - 2012-12-13 00:12 - 00111104 _____ () C:\Program Files (x86)\Last.fm\libvlc.dll
2013-01-16 13:55 - 2012-12-13 00:13 - 02286592 _____ () C:\Program Files (x86)\Last.fm\libvlccore.dll
2013-09-04 09:52 - 2012-12-13 00:13 - 00049664 _____ () C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
2014-02-12 17:56 - 2014-02-12 17:56 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: DMAgent => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: WiMAXAppSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWirelessWiMAX => "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
MSCONFIG\startupreg: Ocs_SM => C:\Users\smoking caterpillar\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
MSCONFIG\startupreg: Spotify => "C:\Users\smoking caterpillar\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\smoking caterpillar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynAsusAcpi => %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2014 10:36:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 01:56:15 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/13/2014 06:30:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2014 09:16:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2014 03:14:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/13/2014 03:14:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/13/2014 00:06:00 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/12/2014 08:15:36 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm DivX Update wurde wegen dieses Fehlers geschlossen.

Programm: DivX Update
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (02/12/2014 08:15:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DivXUpdate.exe, Version: 1.0.6.105, Zeitstempel: 0x521e9486
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000096
Fehleroffset: 0x00048665
ID des fehlerhaften Prozesses: 0xe60
Startzeit der fehlerhaften Anwendung: 0xDivXUpdate.exe0
Pfad der fehlerhaften Anwendung: DivXUpdate.exe1
Pfad des fehlerhaften Moduls: DivXUpdate.exe2
Berichtskennung: DivXUpdate.exe3

Error: (02/12/2014 08:15:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/13/2014 08:35:30 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (02/12/2014 08:03:39 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/06/2014 08:53:48 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (02/06/2014 02:36:36 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎06.‎02.‎2014 um 02:35:44 unerwartet heruntergefahren.

Error: (01/31/2014 04:47:09 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (01/31/2014 04:47:08 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (01/31/2014 04:47:07 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (01/31/2014 04:47:07 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (01/31/2014 00:44:01 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/29/2014 02:32:02 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================
Error: (02/14/2014 10:36:56 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 01:56:15 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/13/2014 06:30:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2014 09:16:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2014 03:14:33 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"c:\program files (x86)\Last.fm\ext_skypenotify.dll

Error: (02/13/2014 03:14:33 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"c:\program files (x86)\Last.fm\ext_messengernotify.dll

Error: (02/13/2014 00:06:00 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/12/2014 08:15:36 PM) (Source: Application Error)(User: )
Description: DivX Update000000000

Error: (02/12/2014 08:15:36 PM) (Source: Application Error)(User: )
Description: DivXUpdate.exe1.0.6.105521e9486ole32.dll6.1.7601.175144ce7b96fc000009600048665e6001cf28269d72df04C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exeC:\Windows\syswow64\ole32.dll0cd747be-941a-11e3-b684-5404a63486d1

Error: (02/12/2014 08:15:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 4000.13 MB
Available physical RAM: 2122.85 MB
Total Pagefile: 7998.43 MB
Available Pagefile: 5844.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:42 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (layby) (Fixed) (Total:153.85 GB) (Free:127.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=119 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Aneri · 14.02.2014, 15:29

Hi

gibt es das Logfile von MBAM noch? wenn ja bitte hier posten.

Wie verhällt sich der Rechner genau. Wo liegen die Probleme

brainInfect · 14.02.2014, 15:36

Naja, es ist kein greifbares Problem. Ich habe nur das Gefühl, dass er seit neuestem etwas langsamer arbeitet. Und bevor ich nachher den Rechner komplett formatieren muss wollte ich auf Nummer sicher gehen und ihn von euch komplett bereinigen lassen.

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.17.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
smoking caterpillar :: SMOKINGCATERPIL [Administrator]

12.02.2014 19:49:29
MBAM-log-2014-02-12 (19-57-38).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 247414
Laufzeit: 6 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 6
C:\Users\smoking caterpillar\AppData\Local\Temp\is1052428094\cor_ar_2013729172639_qvo6.exe (PUP.Optional.Elex) -> Keine Aktion durchgeführt.
C:\Users\smoking caterpillar\AppData\Local\Temp\is1052428094\wajam_download.exe (PUP.Optional.Wajam) -> Keine Aktion durchgeführt.
C:\Users\smoking caterpillar\AppData\Local\Temp\is1052428094\216735_stp\DeltaTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\smoking caterpillar\AppData\Local\Temp\is1052428094\216861_stp\rcpsetup_adppi_adppi.exe (PUP.Optional.RegCleanerPro) -> Keine Aktion durchgeführt.
C:\Users\smoking caterpillar\AppData\Local\Temp\is1052428094\35081556_stp\DeltaTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\smoking caterpillar\Downloads\winamp563_full_emusic-7plus_de-de.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

(Ende)

Aneri · 18.02.2014, 16:49

hi

sry dass ich so lange nicht geantwortet habe.
Hab grad etwas Stress

Schritt 1

Lade dir

TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.

Öffne die TFC.exe.
Vista und Win 7 User mit Rechtsklick "als Administrator starten".
Schließe alle anderen Programme.
Drücke auf den Button Start.
Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.

Schritt 2

Defragmentiere dein System einmal. Nutze dazu folgendes Programm:

Teile mir mit, ob das System dadurch schneller wird.

Schritt 3

erstelle ein neues FRST Logfile und poste es hier

brainInfect · 18.02.2014, 18:28

Okay, also Schritt eins habe ich gemacht. Bei Schritt zwei hast du vergessen, dass Programm anzugeben. Deswegen warte ich noch lieber mit Schritt drei.^^

PS: Kein Problem. Mir ist nur wichtig, nicht vergessen zu werden. Ein paar Tage Wartezeit sind schon in Ordnung.

Gruß

Aneri · 20.02.2014, 14:46

Hi

oh da hab ich dn Link vergessen sry.

http://filepony.de/download-auslogics_disk_defrag/

brainInfect · 20.02.2014, 16:26

Okay, defragmentierung durchgeführt mit 37 "junk" Dateien.

Hier der Log

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by smoking caterpillar (administrator) on SMOKINGCATERPIL on 20-02-2014 16:22:57
Running from C:\Users\smoking caterpillar\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Spotify Ltd) C:\Users\smoking caterpillar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [384232 2012-07-13] (BillP Studios)
HKLM\...\Run: [BoxSync] - C:\Program Files\Box\Box Sync\BoxSync.exe [11187400 2013-09-26] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [384232 2012-07-13] (BillP Studios)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-15] (SUPERAntiSpyware)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Java(TM) Platform SE binary] - C:\Program Files (x86)\Java\jre7\bin\java.exe [6563608 2014-01-15] (SUPERAntiSpyware)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] ()
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Spotify Web Helper] - C:\Users\smoking caterpillar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-20] (Spotify Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC88C238B0A0CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&k=0
SearchScopes: HKCU - {28413F52-C3C2-46DB-B1CB-368141F6C2FF} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {3F751673-DDA5-4D1E-B8DC-3468E47EA37F} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {4623BECF-5FAB-4FED-8378-F2CAA48B6FCE} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {85BF947F-DD9F-4C9E-B0D6-73AA3A22E83D} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {8E02FD86-005F-44A7-BBB8-BF74A430A7AB} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {DF4FDD1E-FDAC-4A22-BB8B-EFE3D030728C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Flagfox - {BA7B8F39-DF7F-4A98-83E9-57CE6ED9CA24} - C:\Users\smoking caterpillar\AppData\LocalLow\Flagfox\IE\Flagfox.dll (Dave G)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default
FF DefaultSearchEngine: Startpage HTTPS - Deutsch
FF SelectedSearchEngine: Startpage HTTPS - Deutsch
FF Homepage: hxxp://google.de
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 445
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: LavaFox V2 - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\info@djzig.com [2014-01-14]
FF Extension: LavaFox V2-Purple - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\zigboom555@aol.com [2014-01-13]
FF Extension: WOT - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: Block site - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-10-09]
FF Extension: ReloadEvery - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-07-23]
FF Extension: Adblock Plus - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-29]
FF HKLM-x32\...\Firefox\Extensions: [gamescenter@gamescenter.com] - C:\Program Files (x86)\GamesCenter\GamesCenter.xpi
FF Extension: Games Center - C:\Program Files (x86)\GamesCenter\GamesCenter.xpi [2013-02-11]

Chrome: 
=======
CHR Extension: (Flagfox) - C:\Users\smoking caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfdfamfnacokbbbnmpdfmhonipnhmbid [2013-06-21]
CHR HKLM-x32\...\Chrome\Extension: [cfdfamfnacokbbbnmpdfmhonipnhmbid] - C:\Users\smoking caterpillar\AppData\LocalLow\Flagfox\CHROME\Flagfox.crx [2013-04-28]
CHR HKLM-x32\...\Chrome\Extension: [dehjbbcmklelglapfndfbomoaooippkb] - C:\Program Files (x86)\GamesCenter\GamesCenter.crx [2013-04-28]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [18944 2013-09-26] (Box Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-20 16:22 - 2014-02-20 16:22 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\FRST-OlderVersion
2014-02-20 16:07 - 2014-02-20 16:07 - 00001169 _____ () C:\Users\smoking caterpillar\Desktop\Auslogics DiskDefrag.lnk
2014-02-20 16:07 - 2014-02-20 16:07 - 00000000 ____D () C:\ProgramData\Auslogics
2014-02-20 16:06 - 2014-02-20 16:06 - 06204024 _____ (Auslogics Labs Pty Ltd ) C:\Users\smoking caterpillar\Desktop\disk-defrag-setup.exe
2014-02-20 16:06 - 2014-02-20 16:06 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-02-20 15:34 - 2014-02-20 15:34 - 00008009 _____ () C:\Users\smoking caterpillar\AppData\Local\recently-used.xbel
2014-02-18 18:18 - 2014-02-18 18:18 - 00448512 _____ (OldTimer Tools) C:\Users\smoking caterpillar\Desktop\TFC.exe
2014-02-16 04:04 - 2013-11-27 00:29 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-16 04:04 - 2013-11-26 23:49 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-16 01:17 - 2014-02-16 01:22 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\21. Spieltag - BVB vs. Eintracht
2014-02-15 08:23 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-15 08:23 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-15 08:23 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-15 08:23 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-15 08:23 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-15 08:23 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-15 08:23 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-15 08:23 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-15 08:23 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-15 08:23 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-15 08:23 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-15 08:23 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-15 08:23 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-15 08:23 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-15 08:23 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-15 08:23 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-15 08:22 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-02-15 08:22 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-02-15 08:22 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-02-15 08:21 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-02-15 08:21 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-02-15 08:21 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-02-15 08:21 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-02-15 08:20 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-15 08:20 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-15 08:20 - 2012-05-04 12:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-02-15 08:20 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-02-14 14:55 - 2014-02-14 14:55 - 00045187 _____ () C:\Users\smoking caterpillar\Desktop\Addition.txt
2014-02-14 14:54 - 2014-02-20 16:22 - 00016340 _____ () C:\Users\smoking caterpillar\Desktop\FRST.txt
2014-02-14 14:54 - 2014-02-20 16:22 - 00000000 ____D () C:\FRST
2014-02-14 14:53 - 2014-02-20 16:22 - 02153472 _____ (Farbar) C:\Users\smoking caterpillar\Desktop\FRST64.exe
2014-02-13 21:25 - 2014-02-15 22:26 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\20. Spieltag - Bremen vs. BVB
2014-02-13 21:00 - 2014-02-15 22:25 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\4. Runde - Eintracht vs. BVB
2014-02-12 17:36 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 17:36 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 17:35 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 17:35 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 17:35 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 17:35 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 17:35 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 17:35 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 17:35 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 17:35 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 17:35 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 17:35 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 17:35 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 17:35 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 17:35 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 17:35 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 17:35 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 17:35 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 17:35 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 17:35 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 17:35 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 17:35 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 17:35 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 17:35 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 17:35 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 17:35 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 17:35 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 17:35 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 17:35 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 17:35 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 17:35 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 17:35 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 17:35 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 17:35 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 17:35 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 17:35 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 17:35 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 17:35 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 17:35 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 17:35 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 17:35 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 17:34 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 17:34 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 17:34 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 17:34 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 17:34 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 17:34 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 17:34 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 17:34 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 17:34 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 17:33 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 17:33 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 17:33 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 17:33 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 17:33 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 17:33 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 05904856 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-29 23:02 - 2014-01-29 23:02 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00963452 _____ () C:\Windows\SysWOW64\igcodeckrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00963452 _____ () C:\Windows\system32\igcodeckrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00515544 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00442328 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00399832 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00272928 _____ () C:\Windows\SysWOW64\igvpkrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00272928 _____ () C:\Windows\system32\igvpkrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00254936 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00223664 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00210106 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00194245 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00185816 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00171992 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00166170 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00163421 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00159008 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00149682 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00148042 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147393 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147288 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00146004 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00145491 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144645 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144260 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144020 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00143932 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142882 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142877 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142717 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00142289 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142008 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141838 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141049 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137889 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137784 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137141 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00132623 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-29 23:02 - 2014-01-29 23:02 - 00126300 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00124650 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00098304 _____ () C:\Windows\system32\igdde64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00077312 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00059425 _____ () C:\Windows\system32\iglhxo64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059398 _____ () C:\Windows\system32\iglhxg64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059230 _____ () C:\Windows\system32\iglhxc64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059104 _____ () C:\Windows\system32\iglhxc64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00058796 _____ () C:\Windows\system32\iglhxg64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00058109 _____ () C:\Windows\system32\iglhxo64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00017058 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-26 16:50 - 2014-01-27 23:32 - 00000000 ____D () C:\Users\smoking caterpillar\Documents\Dream on

==================== One Month Modified Files and Folders =======

2014-02-20 16:24 - 2012-10-02 17:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 16:23 - 2014-02-14 14:54 - 00016340 _____ () C:\Users\smoking caterpillar\Desktop\FRST.txt
2014-02-20 16:22 - 2014-02-20 16:22 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\FRST-OlderVersion
2014-02-20 16:22 - 2014-02-14 14:54 - 00000000 ____D () C:\FRST
2014-02-20 16:22 - 2014-02-14 14:53 - 02153472 _____ (Farbar) C:\Users\smoking caterpillar\Desktop\FRST64.exe
2014-02-20 16:22 - 2012-11-27 02:58 - 00000000 ____D () C:\Users\smoking caterpillar\.gimp-2.8
2014-02-20 16:22 - 2012-10-02 19:00 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Last.fm
2014-02-20 16:07 - 2014-02-20 16:07 - 00001169 _____ () C:\Users\smoking caterpillar\Desktop\Auslogics DiskDefrag.lnk
2014-02-20 16:07 - 2014-02-20 16:07 - 00000000 ____D () C:\ProgramData\Auslogics
2014-02-20 16:07 - 2012-10-01 20:19 - 01870791 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 16:06 - 2014-02-20 16:06 - 06204024 _____ (Auslogics Labs Pty Ltd ) C:\Users\smoking caterpillar\Desktop\disk-defrag-setup.exe
2014-02-20 16:06 - 2014-02-20 16:06 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-02-20 15:34 - 2014-02-20 15:34 - 00008009 _____ () C:\Users\smoking caterpillar\AppData\Local\recently-used.xbel
2014-02-20 14:35 - 2009-07-14 05:45 - 00022512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 14:35 - 2009-07-14 05:45 - 00022512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 14:28 - 2013-08-20 00:22 - 00000000 ____D () C:\Users\smoking caterpillar\.rainlendar2
2014-02-20 14:28 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-20 14:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-20 14:28 - 2009-07-14 05:51 - 00109419 _____ () C:\Windows\setupact.log
2014-02-20 11:48 - 2012-10-02 19:10 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\vlc
2014-02-19 17:18 - 2012-11-15 19:11 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Mipony
2014-02-19 15:41 - 2013-07-28 13:24 - 00000000 ____D () C:\Program Files (x86)\MiPony
2014-02-18 18:18 - 2014-02-18 18:18 - 00448512 _____ (OldTimer Tools) C:\Users\smoking caterpillar\Desktop\TFC.exe
2014-02-16 11:01 - 2012-10-02 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 01:22 - 2014-02-16 01:17 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\21. Spieltag - BVB vs. Eintracht
2014-02-16 01:01 - 2012-12-10 18:43 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\WinPatrol
2014-02-15 23:12 - 2012-10-02 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 22:26 - 2014-02-13 21:25 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\20. Spieltag - Bremen vs. BVB
2014-02-15 22:25 - 2014-02-13 21:00 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\4. Runde - Eintracht vs. BVB
2014-02-15 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-02-14 14:55 - 2014-02-14 14:55 - 00045187 _____ () C:\Users\smoking caterpillar\Desktop\Addition.txt
2014-02-14 10:42 - 2012-10-03 23:02 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-14 10:42 - 2010-11-21 07:50 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-14 10:42 - 2010-11-21 07:50 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-14 10:42 - 2009-07-14 06:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-13 03:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 19:58 - 2010-11-21 04:47 - 00038728 _____ () C:\Windows\PFRO.log
2014-02-12 17:59 - 2013-04-15 19:44 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Notepad++
2014-02-12 17:59 - 2013-04-15 19:44 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-12 17:56 - 2012-10-02 17:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-12 17:56 - 2012-10-02 17:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-12 17:56 - 2012-10-02 17:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-12 17:47 - 2013-07-24 07:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 17:44 - 2012-10-02 16:28 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-06 13:16 - 2014-02-12 17:35 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 17:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 17:35 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 17:35 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 17:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 17:35 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 17:35 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 17:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 17:35 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 17:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 17:35 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 17:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 17:35 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 17:35 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 17:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 17:35 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 17:35 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 17:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 17:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 17:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 17:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 17:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 17:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 17:35 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 17:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 17:35 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 17:35 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 17:35 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 17:35 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 17:35 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 17:35 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 17:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 17:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 17:35 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 17:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 18:53 - 2012-10-06 20:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 14:37 - 2013-08-02 09:23 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Spotify
2014-02-05 14:35 - 2013-08-02 09:24 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Spotify
2014-02-04 13:13 - 2013-11-25 15:17 - 00000057 _____ () C:\Users\smoking caterpillar\Desktop\Anke Adresse.txt
2014-02-02 01:35 - 2013-11-04 16:53 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Aquamarin Haushaltsbuch
2014-01-30 22:39 - 2013-11-10 19:18 - 00000000 _____ () C:\Users\smoking caterpillar\Desktop\KAMPFKOLOSS !!!!!.txt
2014-01-29 23:02 - 2014-01-29 23:02 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 05904856 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-29 23:02 - 2014-01-29 23:02 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00963452 _____ () C:\Windows\SysWOW64\igcodeckrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00963452 _____ () C:\Windows\system32\igcodeckrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00515544 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00442328 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00399832 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00272928 _____ () C:\Windows\SysWOW64\igvpkrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00272928 _____ () C:\Windows\system32\igvpkrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00254936 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00223664 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00210106 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00194245 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00185816 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00171992 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00166170 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00163421 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00159008 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00149682 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00148042 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147393 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147288 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00146004 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00145491 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144645 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144260 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144020 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00143932 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142882 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142877 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142717 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00142289 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142008 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141838 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141049 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137889 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137784 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137141 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00132623 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-29 23:02 - 2014-01-29 23:02 - 00126300 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00124650 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00098304 _____ () C:\Windows\system32\igdde64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00077312 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00059425 _____ () C:\Windows\system32\iglhxo64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059398 _____ () C:\Windows\system32\iglhxg64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059230 _____ () C:\Windows\system32\iglhxc64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059104 _____ () C:\Windows\system32\iglhxc64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00058796 _____ () C:\Windows\system32\iglhxg64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00058109 _____ () C:\Windows\system32\iglhxo64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00017058 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-29 23:02 - 2011-04-10 10:44 - 11049472 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-01-29 23:02 - 2011-04-10 10:31 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-01-28 08:36 - 2012-10-10 19:02 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Adobe
2014-01-27 23:32 - 2014-01-26 16:50 - 00000000 ____D () C:\Users\smoking caterpillar\Documents\Dream on
2014-01-21 21:20 - 2013-11-15 14:03 - 00000102 _____ () C:\Users\smoking caterpillar\Desktop\BaföG.txt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 10:24

==================== End Of Log ============================

--- --- ---

Eine Verbesserung habe ich aber noch nicht gespürt.

Aneri · 21.02.2014, 13:12

Hi

bitte lies aufmerksam meine Anweisungen:

Schritt 1:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

reg: reg query "HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0"
reg: reg query "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /s

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2:
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

brainInfect · 22.02.2014, 01:25

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-02-2014
Ran by smoking caterpillar at 2014-02-21 23:15:42 Run:1
Running from C:\Users\smoking caterpillar\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
reg: reg query "HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0"
reg: reg query "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /s
         
*****************


========= reg query "HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0" =========


HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0
    DMAEnabled    REG_DWORD    0x1
    Driver    REG_SZ    iaStor

HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0


========= End of Reg: =========


========= reg query "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /s =========


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}
    Class    REG_SZ    hdc
    ClassDesc    REG_SZ    @%SystemRoot%\System32\SysClass.Dll,-3001
    (Standard)    REG_SZ    IDE ATA/ATAPI controllers
    IconPath    REG_MULTI_SZ    %SystemRoot%\System32\setupapi.dll,-9
    Installer32    REG_SZ    SysClass.Dll,HdcClassInstaller

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0000
    InfPath    REG_SZ    oem14.inf
    InfSection    REG_SZ    iaStor_Install
    ProviderName    REG_SZ    Intel
    DriverDateData    REG_BINARY    00C0128E457DCB01
    DriverDate    REG_SZ    11-6-2010
    DriverVersion    REG_SZ    10.1.0.1008
    MatchingDeviceId    REG_SZ    pci\ven_8086&dev_1c03&cc_0106
    DriverDesc    REG_SZ    Intel(R) Mobile Express Chipset SATA AHCI Controller
    Migrated    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001
    CoInstallers32    REG_MULTI_SZ    storprop.dll,HdcCoInstaller
    EnumPropPages32    REG_SZ    storprop.dll,AtaPropPageProvider
    InfPath    REG_SZ    mshdc.inf
    InfSection    REG_SZ    atapi_Inst
    ProviderName    REG_SZ    Microsoft
    DriverDateData    REG_BINARY    00808CA3C594C601
    DriverDate    REG_SZ    6-21-2006
    DriverVersion    REG_SZ    6.1.7601.18231
    MatchingDeviceId    REG_SZ    internal_ide_channel
    DriverDesc    REG_SZ    IDE-Kanal
    Migrated    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002
    CoInstallers32    REG_MULTI_SZ    storprop.dll,HdcCoInstaller
    EnumPropPages32    REG_SZ    storprop.dll,AtaPropPageProvider
    InfPath    REG_SZ    mshdc.inf
    InfSection    REG_SZ    atapi_Inst
    ProviderName    REG_SZ    Microsoft
    DriverDateData    REG_BINARY    00808CA3C594C601
    DriverDate    REG_SZ    6-21-2006
    DriverVersion    REG_SZ    6.1.7601.18231
    MatchingDeviceId    REG_SZ    internal_ide_channel
    DriverDesc    REG_SZ    IDE-Kanal
    Migrated    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties


========= End of Reg: =========


==== End of Fixlog ====

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.21.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
smoking caterpillar :: SMOKINGCATERPIL [Administrator]

21.02.2014 23:20:53
MBAM-log-2014-02-21 (23-29-26).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 243057
Laufzeit: 5 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qvo6.xml (PUP.Optional.qvo6.A) -> Keine Aktion durchgeführt.

(Ende)

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8e5493fd3d290c4da224e543520ec91d
# engine=17174
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-22 12:12:14
# local_time=2014-02-22 01:12:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 18686154 144657784 0 0
# scanned=144772
# found=0
# cleaned=0
# scan_time=5392

Aneri · 23.02.2014, 22:03

hi

du solltest die Malwarebytes Funde löschen lassen

hat sich das Systemverhalten verbessert?

brainInfect · 26.02.2014, 15:06

Hab ich auch gemacht?! Keine Ahnung, wieso das nicht angezeigt wird. Ich habe Malwarebytes nochmal durchlaufen lassen:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
smoking caterpillar :: SMOKINGCATERPIL [Administrator]

26.02.2014 14:56:13
mbam-log-2014-02-26 (14-56-13).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 244799
Laufzeit: 5 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Ja, Systemverhalten hat sich verbessert. Vielen lieben Dank für deine Hilfe.

Gruß
brainInfect

Aneri · 26.02.2014, 15:11

hi wunderbar...

dann sichern wir das System noch ab.

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

bitte poste mir ein finales FRST Logfile, wenn alles passt räumen wir noch auf

brainInfect · 26.02.2014, 16:49

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 SpywareBlaster 5.0    
 Secunia PSI (3.0.0.4001)   
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
  Adobe Flash Player 12.0.0.70 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (27.0.1) 
 Mozilla Thunderbird (24.3.0) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 WinPatrol winpatrol.exe 
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014 01
Ran by smoking caterpillar (administrator) on SMOKINGCATERPIL on 26-02-2014 16:47:32
Running from C:\Users\smoking caterpillar\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Spotify Ltd) C:\Users\smoking caterpillar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
() C:\Program Files\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [384232 2012-07-13] (BillP Studios)
HKLM\...\Run: [BoxSync] - C:\Program Files\Box\Box Sync\BoxSync.exe [11187400 2013-09-26] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [384232 2012-07-13] (BillP Studios)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-15] (SUPERAntiSpyware)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Java(TM) Platform SE binary] - C:\Program Files (x86)\Java\jre7\bin\java.exe [6563608 2014-01-15] (SUPERAntiSpyware)
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] ()
HKU\S-1-5-21-3093878258-50056534-2936666279-1000\...\Run: [Spotify Web Helper] - C:\Users\smoking caterpillar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-20] (Spotify Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC88C238B0A0CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&k=0
SearchScopes: HKCU - {28413F52-C3C2-46DB-B1CB-368141F6C2FF} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {3F751673-DDA5-4D1E-B8DC-3468E47EA37F} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {4623BECF-5FAB-4FED-8378-F2CAA48B6FCE} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {85BF947F-DD9F-4C9E-B0D6-73AA3A22E83D} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {8E02FD86-005F-44A7-BBB8-BF74A430A7AB} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {DF4FDD1E-FDAC-4A22-BB8B-EFE3D030728C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d0f5499a-49a6-4941-be1e-ad6f0ab4a4e7&pid=murb&mode=bounce&k=0
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Flagfox - {BA7B8F39-DF7F-4A98-83E9-57CE6ED9CA24} - C:\Users\smoking caterpillar\AppData\LocalLow\Flagfox\IE\Flagfox.dll (Dave G)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default
FF DefaultSearchEngine: Startpage HTTPS - Deutsch
FF SelectedSearchEngine: Startpage HTTPS - Deutsch
FF Homepage: hxxp://google.de
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 445
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: LavaFox V2 - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\info@djzig.com [2014-01-14]
FF Extension: LavaFox V2-Purple - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\zigboom555@aol.com [2014-01-13]
FF Extension: WOT - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: Block site - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-10-09]
FF Extension: ReloadEvery - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-07-23]
FF Extension: Adblock Plus - C:\Users\smoking caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\smf00mp5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-29]
FF HKLM-x32\...\Firefox\Extensions: [gamescenter@gamescenter.com] - C:\Program Files (x86)\GamesCenter\GamesCenter.xpi
FF Extension: Games Center - C:\Program Files (x86)\GamesCenter\GamesCenter.xpi [2013-02-11]

Chrome: 
=======
CHR Extension: (Flagfox) - C:\Users\smoking caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfdfamfnacokbbbnmpdfmhonipnhmbid [2013-06-21]
CHR HKLM-x32\...\Chrome\Extension: [cfdfamfnacokbbbnmpdfmhonipnhmbid] - C:\Users\smoking caterpillar\AppData\LocalLow\Flagfox\CHROME\Flagfox.crx [2013-04-28]
CHR HKLM-x32\...\Chrome\Extension: [dehjbbcmklelglapfndfbomoaooippkb] - C:\Program Files (x86)\GamesCenter\GamesCenter.crx [2013-04-28]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [18944 2013-09-26] (Box Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-26 16:47 - 2014-02-26 16:47 - 02155008 _____ (Farbar) C:\Users\smoking caterpillar\Desktop\FRST64.exe
2014-02-26 16:47 - 2014-02-26 16:47 - 00016487 _____ () C:\Users\smoking caterpillar\Desktop\FRST.txt
2014-02-26 16:46 - 2014-02-26 16:46 - 00001030 _____ () C:\Users\smoking caterpillar\Desktop\checkup.txt
2014-02-26 16:44 - 2014-02-26 16:44 - 00987425 _____ () C:\Users\smoking caterpillar\Desktop\SecurityCheck.exe
2014-02-26 14:48 - 2014-02-26 14:48 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\Berlin Connection
2014-02-26 14:46 - 2014-02-26 14:46 - 00063554 _____ () C:\Users\smoking caterpillar\AppData\Local\recently-used.xbel
2014-02-21 20:07 - 2014-02-25 18:35 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\gtk-2.0
2014-02-21 18:38 - 2014-02-26 14:49 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\inkscape
2014-02-21 18:34 - 2014-02-26 14:50 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-02-20 16:07 - 2014-02-20 16:07 - 00000000 ____D () C:\ProgramData\Auslogics
2014-02-20 16:06 - 2014-02-20 16:06 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-02-16 04:04 - 2013-11-27 00:29 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-16 04:04 - 2013-11-26 23:49 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-15 08:23 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-15 08:23 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-15 08:23 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-15 08:23 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-15 08:23 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-15 08:23 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-15 08:23 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-15 08:23 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-15 08:23 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-15 08:23 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-15 08:23 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-15 08:23 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-15 08:23 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-15 08:23 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-15 08:23 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-15 08:23 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-15 08:22 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-02-15 08:22 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-02-15 08:22 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-02-15 08:21 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-02-15 08:21 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-02-15 08:21 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-02-15 08:21 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-02-15 08:20 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-15 08:20 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-15 08:20 - 2012-05-04 12:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-02-15 08:20 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-02-14 14:54 - 2014-02-26 16:47 - 00000000 ____D () C:\FRST
2014-02-12 17:36 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 17:36 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 17:35 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 17:35 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 17:35 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 17:35 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 17:35 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 17:35 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 17:35 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 17:35 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 17:35 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 17:35 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 17:35 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 17:35 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 17:35 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 17:35 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 17:35 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 17:35 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 17:35 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 17:35 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 17:35 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 17:35 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 17:35 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 17:35 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 17:35 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 17:35 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 17:35 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 17:35 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 17:35 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 17:35 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 17:35 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 17:35 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 17:35 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 17:35 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 17:35 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 17:35 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 17:35 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 17:35 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 17:35 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 17:35 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 17:35 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 17:34 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 17:34 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 17:34 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 17:34 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 17:34 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 17:34 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 17:34 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 17:34 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 17:34 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 17:34 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 17:34 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 17:34 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 17:34 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 17:33 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 17:33 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 17:33 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 17:33 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 17:33 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 17:33 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 05904856 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-29 23:02 - 2014-01-29 23:02 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00963452 _____ () C:\Windows\SysWOW64\igcodeckrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00963452 _____ () C:\Windows\system32\igcodeckrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00515544 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00442328 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00399832 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00272928 _____ () C:\Windows\SysWOW64\igvpkrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00272928 _____ () C:\Windows\system32\igvpkrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00254936 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00223664 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00210106 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00194245 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00185816 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00171992 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00166170 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00163421 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00159008 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00149682 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00148042 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147393 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147288 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00146004 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00145491 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144645 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144260 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144020 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00143932 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142882 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142877 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142717 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00142289 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142008 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141838 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141049 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137889 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137784 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137141 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00132623 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-29 23:02 - 2014-01-29 23:02 - 00126300 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00124650 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00098304 _____ () C:\Windows\system32\igdde64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00077312 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00059425 _____ () C:\Windows\system32\iglhxo64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059398 _____ () C:\Windows\system32\iglhxg64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059230 _____ () C:\Windows\system32\iglhxc64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059104 _____ () C:\Windows\system32\iglhxc64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00058796 _____ () C:\Windows\system32\iglhxg64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00058109 _____ () C:\Windows\system32\iglhxo64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00017058 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll

==================== One Month Modified Files and Folders =======

2014-02-26 16:47 - 2014-02-26 16:47 - 02155008 _____ (Farbar) C:\Users\smoking caterpillar\Desktop\FRST64.exe
2014-02-26 16:47 - 2014-02-26 16:47 - 00016487 _____ () C:\Users\smoking caterpillar\Desktop\FRST.txt
2014-02-26 16:47 - 2014-02-14 14:54 - 00000000 ____D () C:\FRST
2014-02-26 16:46 - 2014-02-26 16:46 - 00001030 _____ () C:\Users\smoking caterpillar\Desktop\checkup.txt
2014-02-26 16:44 - 2014-02-26 16:44 - 00987425 _____ () C:\Users\smoking caterpillar\Desktop\SecurityCheck.exe
2014-02-26 16:24 - 2012-10-02 17:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 16:11 - 2012-10-01 20:19 - 01164193 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 15:40 - 2012-10-02 19:00 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Last.fm
2014-02-26 15:17 - 2013-02-11 16:57 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\FileZilla
2014-02-26 14:54 - 2012-12-10 18:49 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\#1 Sicherheit
2014-02-26 14:52 - 2013-01-21 21:58 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Skype
2014-02-26 14:52 - 2013-01-21 21:58 - 00000000 ____D () C:\ProgramData\Skype
2014-02-26 14:50 - 2014-02-21 18:34 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-02-26 14:49 - 2014-02-21 18:38 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\inkscape
2014-02-26 14:48 - 2014-02-26 14:48 - 00000000 ____D () C:\Users\smoking caterpillar\Desktop\Berlin Connection
2014-02-26 14:47 - 2012-11-27 02:58 - 00000000 ____D () C:\Users\smoking caterpillar\.gimp-2.8
2014-02-26 14:46 - 2014-02-26 14:46 - 00063554 _____ () C:\Users\smoking caterpillar\AppData\Local\recently-used.xbel
2014-02-26 11:17 - 2012-11-15 19:11 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Mipony
2014-02-26 11:10 - 2009-07-14 05:45 - 00022512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-26 11:10 - 2009-07-14 05:45 - 00022512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-26 11:05 - 2012-10-02 17:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-26 11:05 - 2012-10-02 17:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-26 11:05 - 2012-10-02 17:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-26 11:04 - 2013-08-20 00:22 - 00000000 ____D () C:\Users\smoking caterpillar\.rainlendar2
2014-02-26 11:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-26 11:03 - 2009-07-14 05:51 - 00110315 _____ () C:\Windows\setupact.log
2014-02-25 18:35 - 2014-02-21 20:07 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\gtk-2.0
2014-02-25 13:54 - 2012-10-02 19:10 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\vlc
2014-02-24 23:51 - 2013-12-20 21:26 - 00000000 ____D () C:\Users\smoking caterpillar\Documents\Calibre Bibliothek
2014-02-23 04:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-22 10:57 - 2010-11-21 04:47 - 00039562 _____ () C:\Windows\PFRO.log
2014-02-22 10:57 - 2009-07-14 05:45 - 00379584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-21 15:41 - 2012-10-01 20:43 - 00088768 _____ () C:\Users\smoking caterpillar\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 19:32 - 2013-02-16 12:53 - 00000000 ____D () C:\Users\smoking caterpillar\Documents\sXeXa
2014-02-20 16:07 - 2014-02-20 16:07 - 00000000 ____D () C:\ProgramData\Auslogics
2014-02-20 16:06 - 2014-02-20 16:06 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-02-20 14:28 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-19 15:41 - 2013-07-28 13:24 - 00000000 ____D () C:\Program Files (x86)\MiPony
2014-02-16 11:01 - 2012-10-02 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 01:01 - 2012-12-10 18:43 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\WinPatrol
2014-02-15 23:12 - 2012-10-02 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-02-14 10:42 - 2012-10-03 23:02 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-14 10:42 - 2010-11-21 07:50 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-14 10:42 - 2010-11-21 07:50 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-14 10:42 - 2009-07-14 06:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 17:59 - 2013-04-15 19:44 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Notepad++
2014-02-12 17:59 - 2013-04-15 19:44 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-12 17:47 - 2013-07-24 07:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 17:44 - 2012-10-02 16:28 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-06 13:16 - 2014-02-12 17:35 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 17:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 17:35 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 17:35 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 17:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 17:35 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 17:35 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 17:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 17:35 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 17:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 17:35 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 17:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 17:35 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 17:35 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 17:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 17:35 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 17:35 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 17:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 17:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 17:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 17:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 17:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 17:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 17:35 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 17:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 17:35 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 17:35 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 17:35 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 17:35 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 17:35 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 17:35 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 17:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 17:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 17:35 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 17:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 18:53 - 2012-10-06 20:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 14:37 - 2013-08-02 09:23 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Spotify
2014-02-05 14:35 - 2013-08-02 09:24 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Spotify
2014-02-04 13:13 - 2013-11-25 15:17 - 00000057 _____ () C:\Users\smoking caterpillar\Desktop\Anke Adresse.txt
2014-02-02 01:35 - 2013-11-04 16:53 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Roaming\Aquamarin Haushaltsbuch
2014-01-30 22:39 - 2013-11-10 19:18 - 00000000 _____ () C:\Users\smoking caterpillar\Desktop\KAMPFKOLOSS !!!!!.txt
2014-01-29 23:02 - 2014-01-29 23:02 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 05904856 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-29 23:02 - 2014-01-29 23:02 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00963452 _____ () C:\Windows\SysWOW64\igcodeckrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00963452 _____ () C:\Windows\system32\igcodeckrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00515544 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00442328 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00399832 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00272928 _____ () C:\Windows\SysWOW64\igvpkrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00272928 _____ () C:\Windows\system32\igvpkrng600.bin
2014-01-29 23:02 - 2014-01-29 23:02 - 00254936 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00223664 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00210106 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00194245 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00185816 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00171992 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00166170 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00163421 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00159008 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00149682 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00148042 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147393 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147288 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00146004 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00145491 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144645 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144260 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144020 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00143932 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142882 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142877 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142717 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00142289 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142008 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141838 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141049 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137889 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137784 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137141 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00132623 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-29 23:02 - 2014-01-29 23:02 - 00126300 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00124650 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00098304 _____ () C:\Windows\system32\igdde64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00077312 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00059425 _____ () C:\Windows\system32\iglhxo64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059398 _____ () C:\Windows\system32\iglhxg64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059230 _____ () C:\Windows\system32\iglhxc64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00059104 _____ () C:\Windows\system32\iglhxc64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00058796 _____ () C:\Windows\system32\iglhxg64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00058109 _____ () C:\Windows\system32\iglhxo64_dev.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00017058 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-29 23:02 - 2011-04-10 10:44 - 11049472 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-01-29 23:02 - 2011-04-10 10:31 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-01-28 08:36 - 2012-10-10 19:02 - 00000000 ____D () C:\Users\smoking caterpillar\AppData\Local\Adobe
2014-01-27 23:32 - 2014-01-26 16:50 - 00000000 ____D () C:\Users\smoking caterpillar\Documents\Dream on

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 10:24

==================== End Of Log ============================

--- --- ---

14.02.2014, 15:29	#4
Aneri /// Malwareteam	Bereinigung des Laptops Hi gibt es das Logfile von MBAM noch? wenn ja bitte hier posten. Wie verhällt sich der Rechner genau. Wo liegen die Probleme __________________ Gruß Aneri Mitglied von UNITE Lob oder Kritik? hier wirst du es los

20.02.2014, 14:46	#8
Aneri /// Malwareteam	Bereinigung des Laptops Hi oh da hab ich dn Link vergessen sry. http://filepony.de/download-auslogics_disk_defrag/ __________________ Gruß Aneri Mitglied von UNITE Lob oder Kritik? hier wirst du es los

23.02.2014, 22:03	#12
Aneri /// Malwareteam	Bereinigung des Laptops hi du solltest die Malwarebytes Funde löschen lassen hat sich das Systemverhalten verbessert? __________________ Gruß Aneri Mitglied von UNITE Lob oder Kritik? hier wirst du es los

Bereinigung des Laptops

Plagegeister aller Art und deren Bekämpfung: Bereinigung des Laptops