Hello ;)
This is my first time here.
I have a virus that keeps coming back.
I have tried to fight it with HiJackThis, Avira Free Antivirus, Malwarebytes and Microsoft Safety Scanner.
My firewall always gets deactivated by the virus.
After all the viruses have been deleted, the firewall re-enables itself.
(since I started using Microsoft Safety Scanner)
With Malwarebytes the firewall was still deactivated afterwards.
Once everything is deleted, everything works again, but at some point the fun starts all over.
I don't know what triggers it...
I have Java and Java 64-bit installed. (maybe the virus comes from Java?)
Malwarebytes reports something called "Trojan.0Access"
The viruses found by Malwarebytes are detected in the recycle bin. (?!.. C:\$Recycle.Bin)
MS Safety Scanner reports
"Trojan:Win64/Sirefef.P" (partially removed, restart required)
"Trojan:Win64/Sirefef.AI"
"Trojan:Win64/Sirefef.AK"
"Trojan:Win64/Sirefef.AN"
"Trojan:Win32/Sirefef!cfg" (partially removed, restart required)
"Trojan:Win32/Sirefef.AB" (partially removed, restart required)
"Trojan:Win32/Sirefef.AN"
Avira Free Antivir found dxmovs.exe "WORM/Phorpiex.B.128"
and the following errors:
Quote:
C:\Program Files\Windows Defender\MpAsDesc.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MpClient.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MpCmdRun.exe
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MpCommu.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MpEvMsg.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MpOAV.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MpRTP.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MpSvc.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MSASCui.exe
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MsMpCom.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MsMpLics.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Program Files\Windows Defender\MsMpRes.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
HiJackThis finds this file every time it starts up again.
O4 - HKLM\..\Policies\Explorer\Run: [29797] c:\progra~3\dxajpxgzx.exe (malicious 2.29/5)
I have never had to deal with such a persistent virus before.
I hope someone knows about this. :headbang:
Edit: I have now also scanned with FRST64
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-07-2013
Ran by Dredglol (administrator) on 24-07-2013 13:22:22
Running from C:\Users\Dredglol\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Users\Dredglol\Downloads\msert.exe
(Trend Micro Inc.) C:\Users\Dredglol\Downloads\HiJackThis204.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [29797] c:\progra~3\dxajpxgzx.exe [948736 2010-11-21] ( (DAMN))
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [CreativeTaskScheduler] - C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1672616 2013-07-10] (Valve Corporation)
MountPoints2: {2530f524-ee06-11e2-851c-20cf3021426f} - E:\ME2_DE.exe
HKLM-x32\...\Run: [NUSB3MON] - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [676608 2013-06-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE [24576 2012-12-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" [610152 2013-06-21] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\Dredglol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSI Afterburner.lnk
ShortcutTarget: MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found ()
Winsock: Catalog9-x64 02 mswsock.dll File Not found ()
Winsock: Catalog9-x64 03 mswsock.dll File Not found ()
Winsock: Catalog9-x64 04 mswsock.dll File Not found ()
Winsock: Catalog9-x64 05 mswsock.dll File Not found ()
Winsock: Catalog9-x64 06 mswsock.dll File Not found ()
Winsock: Catalog9-x64 07 mswsock.dll File Not found ()
Winsock: Catalog9-x64 08 mswsock.dll File Not found ()
Winsock: Catalog9-x64 09 mswsock.dll File Not found ()
Winsock: Catalog9-x64 10 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Dredglol\AppData\Roaming\Mozilla\Firefox\Profiles\1wlwa6vl.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: No Name - C:\Users\Dredglol\AppData\Roaming\Mozilla\Firefox\Profiles\1wlwa6vl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-04] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
S3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [12032 2010-04-19] (Razer (Asia-Pacific) Pte Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-19] (DT Soft Ltd)
S1 kkpvbxdj; C:\Windows\system32\drivers\kkpvbxdj.sys [49872 2013-07-24] (Microsoft Corporation)
R1 MpKslcfd174bc; C:\Windows\Temp\MpKslcfd174bc.sys [35664 2013-07-24] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-07-15] ()
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-07-15] ()
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [31232 2013-06-07] (Razer Inc)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 athr; system32\DRIVERS\athrx.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-24 13:22 - 2013-07-24 13:22 - 00000000 ____D C:\FRST
2013-07-24 13:21 - 2013-07-24 13:22 - 01779757 _____ (Farbar) C:\Users\Dredglol\Downloads\FRST64.exe
2013-07-24 12:49 - 2013-07-24 12:49 - 00049872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kkpvbxdj.sys
2013-07-24 01:57 - 2013-07-24 02:00 - 10401792 _____ C:\Users\Dredglol\Downloads\pso-pr-sample.avi
2013-07-23 06:19 - 2013-07-23 06:19 - 00013312 _____ (Loghain) C:\Users\Dredglol\Downloads\giveme2entitlements(1).exe
2013-07-23 05:03 - 2013-07-23 05:03 - 00013312 _____ (Loghain) C:\Users\Dredglol\Downloads\giveme2entitlements.exe
2013-07-23 01:10 - 2013-07-24 12:49 - 00000000 ____D C:\Windows\system32\MpEngineStore
2013-07-23 01:08 - 2013-07-23 01:08 - 00000000 ____D C:\Users\Dredglol\Downloads\backups
2013-07-23 01:06 - 2013-07-24 12:58 - 00009199 _____ C:\Users\Dredglol\Downloads\hijackthis.log
2013-07-23 01:05 - 2013-07-23 01:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\Dredglol\Downloads\HiJackThis204.exe
2013-07-23 00:59 - 2013-07-23 00:59 - 00000402 _____ C:\Users\Dredglol\Desktop\Repair.bat
2013-07-23 00:56 - 2013-07-23 00:57 - 88568592 _____ (Microsoft Corporation) C:\Users\Dredglol\Downloads\msert.exe
2013-07-21 12:02 - 2013-07-21 12:02 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 12:02 - 2013-07-21 12:02 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 12:02 - 2013-07-21 12:02 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 12:02 - 2013-07-21 12:02 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 00000000 ____D C:\Program Files\Java
2013-07-20 22:12 - 2013-07-23 04:20 - 00000000 ____D C:\Users\Dredglol\Documents\BioWare
2013-07-20 12:42 - 2013-07-15 13:33 - 15960440 _____ C:\Users\Dredglol\Desktop\MSIAfterburnerSetup300Beta11.exe
2013-07-19 19:15 - 2013-07-23 00:57 - 00000236 _____ C:\Users\Dredglol\Neues Textdokument.txt
2013-07-19 18:52 - 2013-07-19 18:52 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\LolClient
2013-07-19 17:08 - 2013-07-20 14:05 - 00000000 ____D C:\Users\Dredglol\AppData\Local\PMB Files
2013-07-19 17:08 - 2013-07-19 17:08 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-07-19 17:08 - 2013-07-19 17:08 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-07-19 17:08 - 2013-07-19 17:08 - 00000000 ____D C:\Riot Games
2013-07-19 17:08 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-07-19 17:08 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-07-19 17:08 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-07-19 17:07 - 2013-07-20 14:05 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-19 17:07 - 2013-07-19 17:07 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Riot Games
2013-07-19 17:07 - 2013-07-19 17:07 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-07-18 21:32 - 2013-07-18 21:36 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\.minecraft
2013-07-18 21:31 - 2013-07-18 21:31 - 00675988 _____ C:\Users\Dredglol\Desktop\Minecraft.exe
2013-07-18 03:57 - 2013-07-23 06:25 - 00000282 _____ C:\Windows\Tasks\MSIAfterburner.job
2013-07-17 15:50 - 2013-07-17 15:50 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Malwarebytes
2013-07-17 15:49 - 2013-07-17 15:49 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-17 15:49 - 2013-07-17 15:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 15:49 - 2013-07-17 15:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-17 15:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-17 15:30 - 2013-07-17 15:30 - 00001696 _____ C:\AdwCleaner[S1].txt
2013-07-17 14:14 - 2013-07-17 14:14 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Ubisoft
2013-07-17 12:30 - 2013-07-17 19:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-17 12:30 - 2013-07-17 12:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-17 12:16 - 2013-07-17 12:16 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-07-17 12:08 - 2013-07-20 22:24 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-07-16 15:56 - 2013-07-16 15:56 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Notepad++
2013-07-16 15:56 - 2013-07-16 15:56 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-07-16 15:56 - 2013-07-16 15:56 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-07-15 19:01 - 2013-07-15 19:01 - 00002106 _____ C:\Users\Public\Desktop\Path of Exile.lnk
2013-07-15 19:01 - 2013-07-15 19:01 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2013-07-15 12:57 - 2013-07-15 12:57 - 00000000 ____D C:\Users\Dredglol\AppData\Local\Chromium
2013-07-15 12:56 - 2013-07-23 00:24 - 00000000 ____D C:\Users\Dredglol\Documents\Rockstar Games
2013-07-15 12:56 - 2013-07-15 12:56 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-07-15 12:51 - 2013-07-15 12:51 - 00000000 ____D C:\ProgramData\Rockstar Games
2013-07-14 15:49 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-07-14 15:49 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-07-14 15:49 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-07-14 15:49 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-07-14 15:49 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-07-14 15:49 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-07-14 11:24 - 2013-07-14 11:24 - 00000219 _____ C:\Users\Dredglol\Desktop\Dota 2.url
2013-07-13 16:30 - 2013-07-13 16:30 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-13 16:30 - 2013-07-13 16:30 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-13 16:30 - 2013-07-13 16:30 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-13 16:30 - 2013-07-13 16:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-13 16:30 - 2013-07-13 16:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-13 16:30 - 2013-07-13 16:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-13 16:30 - 2013-07-13 16:30 - 00000000 ____D C:\ProgramData\Sun
2013-07-13 16:30 - 2013-07-13 16:30 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-13 12:17 - 2013-07-13 12:17 - 00000000 ____D C:\Users\Dredglol\AppData\Local\My Games
2013-07-13 12:17 - 2013-07-13 12:17 - 00000000 ____D C:\ProgramData\REVOLT
2013-07-13 12:11 - 2013-07-13 12:37 - 00000000 ____D C:\Program Files (x86)\Games
2013-07-12 17:50 - 2013-07-17 15:04 - 00000000 ____D C:\Windows\system32\appmgmt
2013-07-12 16:32 - 2013-07-12 16:32 - 00000000 ____D C:\Users\Dredglol\AppData\Local\SmartFTP
2013-07-12 15:09 - 2013-07-12 15:09 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\SmartFTP
2013-07-12 15:09 - 2013-07-12 15:09 - 00000000 ____D C:\Users\Dredglol\AppData\Local\SmartFTP Client 4.1 Setup
2013-07-11 13:21 - 2013-07-11 13:21 - 00000000 ____D C:\Program Files (x86)\dumps
2013-07-11 13:20 - 2013-07-24 12:30 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-11 13:20 - 2013-07-11 13:20 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-07-11 13:15 - 2013-07-11 13:15 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-11 02:15 - 2013-07-11 02:15 - 00387832 _____ C:\Users\Dredglol\Documents\Stapelverarbeitung.veg
2013-07-11 02:08 - 2013-07-12 16:14 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Audacity
2013-07-11 02:08 - 2013-07-11 02:08 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-07-11 02:04 - 2013-07-11 02:04 - 00004984 _____ C:\Users\Dredglol\Documents\Track 2 - 26.sfk
2013-07-11 02:03 - 2013-07-11 02:04 - 01261942 _____ C:\Users\Dredglol\Documents\Track 2 - 26.wav
2013-07-11 02:03 - 2013-07-11 02:03 - 00634986 _____ C:\Users\Dredglol\Documents\Track 2 - 25.wav
2013-07-11 02:03 - 2013-07-11 02:03 - 00002608 _____ C:\Users\Dredglol\Documents\Track 2 - 24.sfk
2013-07-11 02:03 - 2013-07-11 02:03 - 00002536 _____ C:\Users\Dredglol\Documents\Track 2 - 25.sfk
2013-07-11 01:59 - 2013-07-11 02:03 - 00654110 _____ C:\Users\Dredglol\Documents\Track 2 - 24.wav
2013-07-11 01:59 - 2013-07-11 01:59 - 00871726 _____ C:\Users\Dredglol\Documents\Track 2 - 23.wav
2013-07-11 01:59 - 2013-07-11 01:59 - 00003656 _____ C:\Users\Dredglol\Documents\Track 2 - 22.sfk
2013-07-11 01:59 - 2013-07-11 01:59 - 00003464 _____ C:\Users\Dredglol\Documents\Track 2 - 23.sfk
2013-07-11 01:58 - 2013-07-11 01:59 - 00922070 _____ C:\Users\Dredglol\Documents\Track 2 - 22.wav
2013-07-11 01:58 - 2013-07-11 01:58 - 00004920 _____ C:\Users\Dredglol\Documents\Track 2 - 21.sfk
2013-07-11 01:56 - 2013-07-11 01:58 - 01245214 _____ C:\Users\Dredglol\Documents\Track 2 - 21.wav
2013-07-11 01:56 - 2013-07-11 01:56 - 01890618 _____ C:\Users\Dredglol\Documents\Track 2 - 20.wav
2013-07-11 01:56 - 2013-07-11 01:56 - 00007440 _____ C:\Users\Dredglol\Documents\Track 2 - 20.sfk
2013-07-11 01:56 - 2013-07-11 01:56 - 00007000 _____ C:\Users\Dredglol\Documents\Track 2 - 19.sfk
2013-07-11 01:53 - 2013-07-11 01:56 - 01777526 _____ C:\Users\Dredglol\Documents\Track 2 - 19.wav
2013-07-11 01:53 - 2013-07-11 01:53 - 00002912 _____ C:\Users\Dredglol\Documents\Track 2 - 18.sfk
2013-07-11 01:52 - 2013-07-11 01:53 - 00731650 _____ C:\Users\Dredglol\Documents\Track 2 - 18.wav
2013-07-11 01:52 - 2013-07-11 01:52 - 01821362 _____ C:\Users\Dredglol\Documents\Track 2 - 17.wav
2013-07-11 01:52 - 2013-07-11 01:52 - 00007176 _____ C:\Users\Dredglol\Documents\Track 2 - 16.sfk
2013-07-11 01:52 - 2013-07-11 01:52 - 00007168 _____ C:\Users\Dredglol\Documents\Track 2 - 17.sfk
2013-07-11 01:47 - 2013-07-11 01:52 - 01823250 _____ C:\Users\Dredglol\Documents\Track 2 - 16.wav
2013-07-11 01:47 - 2013-07-11 01:47 - 00003800 _____ C:\Users\Dredglol\Documents\Track 2 - 15.sfk
2013-07-11 01:46 - 2013-07-11 01:47 - 00958394 _____ C:\Users\Dredglol\Documents\Track 2 - 15.wav
2013-07-11 01:46 - 2013-07-11 01:46 - 00003272 _____ C:\Users\Dredglol\Documents\Track 2 - 14.sfk
2013-07-11 01:43 - 2013-07-11 01:46 - 00822954 _____ C:\Users\Dredglol\Documents\Track 2 - 14.wav
2013-07-11 01:43 - 2013-07-11 01:43 - 00003856 _____ C:\Users\Dredglol\Documents\Track 2 - 13.sfk
2013-07-11 01:42 - 2013-07-11 01:43 - 00972002 _____ C:\Users\Dredglol\Documents\Track 2 - 13.wav
2013-07-11 01:42 - 2013-07-11 01:42 - 00005008 _____ C:\Users\Dredglol\Documents\Track 2 - 12.sfk
2013-07-11 01:40 - 2013-07-11 01:42 - 01268326 _____ C:\Users\Dredglol\Documents\Track 2 - 12.wav
2013-07-11 01:40 - 2013-07-11 01:40 - 00005680 _____ C:\Users\Dredglol\Documents\Track 2 - 11.sfk
2013-07-11 01:39 - 2013-07-11 01:40 - 01440038 _____ C:\Users\Dredglol\Documents\Track 2 - 11.wav
2013-07-11 01:39 - 2013-07-11 01:39 - 00004568 _____ C:\Users\Dredglol\Documents\Track 2 - 10.sfk
2013-07-11 01:38 - 2013-07-11 01:39 - 01154574 _____ C:\Users\Dredglol\Documents\Track 2 - 10.wav
2013-07-11 01:38 - 2013-07-11 01:38 - 01283462 _____ C:\Users\Dredglol\Documents\Track 2 - 9.wav
2013-07-11 01:38 - 2013-07-11 01:38 - 00006248 _____ C:\Users\Dredglol\Documents\Track 2 - 8.sfk
2013-07-11 01:38 - 2013-07-11 01:38 - 00005072 _____ C:\Users\Dredglol\Documents\Track 2 - 9.sfk
2013-07-11 01:37 - 2013-07-11 01:38 - 01585114 _____ C:\Users\Dredglol\Documents\Track 2 - 8.wav
2013-07-11 01:37 - 2013-07-11 01:37 - 00005896 _____ C:\Users\Dredglol\Documents\Track 2 - 7.sfk
2013-07-11 01:36 - 2013-07-11 01:37 - 01494226 _____ C:\Users\Dredglol\Documents\Track 2 - 7.wav
2013-07-11 01:36 - 2013-07-11 01:36 - 01216010 _____ C:\Users\Dredglol\Documents\Track 2 - 6.wav
2013-07-11 01:36 - 2013-07-11 01:36 - 00004808 _____ C:\Users\Dredglol\Documents\Track 2 - 6.sfk
2013-07-11 01:36 - 2013-07-11 01:36 - 00002496 _____ C:\Users\Dredglol\Documents\Track 2 - 5.sfk
2013-07-11 01:34 - 2013-07-11 01:36 - 00624658 _____ C:\Users\Dredglol\Documents\Track 2 - 5.wav
2013-07-11 01:34 - 2013-07-11 01:34 - 01004106 _____ C:\Users\Dredglol\Documents\Track 2 - 4.wav
2013-07-11 01:34 - 2013-07-11 01:34 - 00004600 _____ C:\Users\Dredglol\Documents\Track 2 - 3.sfk
2013-07-11 01:34 - 2013-07-11 01:34 - 00003976 _____ C:\Users\Dredglol\Documents\Track 2 - 4.sfk
2013-07-11 01:31 - 2013-07-11 01:34 - 01164114 _____ C:\Users\Dredglol\Documents\Track 2 - 3.wav
2013-07-11 01:31 - 2013-07-11 01:31 - 00002144 _____ C:\Users\Dredglol\Documents\Track 2 - 2.sfk
2013-07-11 01:30 - 2013-07-11 01:31 - 00535390 _____ C:\Users\Dredglol\Documents\Track 2 - 2.wav
2013-07-11 01:30 - 2013-07-11 01:30 - 00478590 _____ C:\Users\Dredglol\Documents\Track 2 - 1.wav
2013-07-11 01:30 - 2013-07-11 01:30 - 00001928 _____ C:\Users\Dredglol\Documents\Track 2 - 1.sfk
2013-07-11 00:59 - 2013-07-11 01:23 - 00004519 _____ C:\Users\Dredglol\AppData\Roaming\CamStudio.cfg
2013-07-11 00:59 - 2013-07-11 01:23 - 00000408 _____ C:\Users\Dredglol\AppData\Roaming\CamShapes.ini
2013-07-11 00:59 - 2013-07-11 01:23 - 00000408 _____ C:\Users\Dredglol\AppData\Roaming\CamLayout.ini
2013-07-11 00:59 - 2013-07-11 01:23 - 00000100 _____ C:\Users\Dredglol\AppData\Roaming\Camdata.ini
2013-07-11 00:56 - 2013-07-11 00:59 - 00000000 ____D C:\Program Files (x86)\CamStudio 2.7
2013-07-10 23:56 - 2013-07-12 16:21 - 00699120 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt4.veg
2013-07-10 23:56 - 2013-07-11 00:33 - 00698648 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt4.veg.bak
2013-07-10 21:41 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2013-07-10 21:41 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2013-07-10 21:41 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2013-07-10 21:34 - 2013-07-10 21:55 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2013-07-10 21:34 - 2013-07-10 21:34 - 00000000 ____D C:\Users\Dredglol\Documents\eRightSoft
2013-07-10 21:34 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2013-07-10 21:34 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2013-07-10 19:18 - 2013-07-10 21:13 - 00527080 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt3.veg
2013-07-10 19:18 - 2013-07-10 20:08 - 00506728 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt3.veg.bak
2013-07-10 18:41 - 2013-07-10 18:41 - 00268936 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt2.veg
2013-07-10 16:50 - 2013-07-10 16:51 - 00015364 ____H C:\Users\Public\.DS_Store
2013-07-10 16:31 - 2013-07-10 16:31 - 02329530 _____ C:\Users\Dredglol\Documents\Track 5 - 4.wav
2013-07-10 16:31 - 2013-07-10 16:31 - 00009152 _____ C:\Users\Dredglol\Documents\Track 5 - 4.sfk
2013-07-10 16:31 - 2013-07-10 16:31 - 00008592 _____ C:\Users\Dredglol\Documents\Track 5 - 3.sfk
2013-07-10 16:30 - 2013-07-10 16:31 - 02185378 _____ C:\Users\Dredglol\Documents\Track 5 - 3.wav
2013-07-10 16:30 - 2013-07-10 16:30 - 01093546 _____ C:\Users\Dredglol\Documents\Track 5 - 1.wav
2013-07-10 16:30 - 2013-07-10 16:30 - 00578446 _____ C:\Users\Dredglol\Documents\Track 5 - 2.wav
2013-07-10 16:30 - 2013-07-10 16:30 - 00004328 _____ C:\Users\Dredglol\Documents\Track 5 - 1.sfk
2013-07-10 16:30 - 2013-07-10 16:30 - 00002312 _____ C:\Users\Dredglol\Documents\Track 5 - 2.sfk
2013-07-10 16:14 - 2013-07-10 18:35 - 00261888 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt.veg.bak
2013-07-10 16:14 - 2013-07-10 18:35 - 00261888 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt.veg
2013-07-10 15:02 - 2013-07-11 01:21 - 00000000 ____D C:\Users\Dredglol\Datentausch
2013-07-10 14:53 - 2013-07-10 14:53 - 00159512 _____ C:\Users\Dredglol\Documents\Untitled-5.psd
2013-07-10 01:37 - 2013-07-10 01:37 - 03900120 _____ C:\Users\Dredglol\Documents\whatever.psd
2013-07-10 01:37 - 2013-07-10 01:37 - 01593778 _____ C:\Users\Dredglol\Documents\crazy doc.psd
2013-07-09 15:18 - 2013-07-09 15:18 - 01091710 _____ C:\Users\Dredglol\Documents\Track 1 - 3.wav
2013-07-09 15:18 - 2013-07-09 15:18 - 00004320 _____ C:\Users\Dredglol\Documents\Track 1 - 3.sfk
2013-07-09 15:18 - 2013-07-09 15:18 - 00004200 _____ C:\Users\Dredglol\Documents\Track 1 - 2.sfk
2013-07-09 15:17 - 2013-07-09 15:18 - 01061134 _____ C:\Users\Dredglol\Documents\Track 1 - 2.wav
2013-07-09 15:17 - 2013-07-09 15:17 - 01054238 _____ C:\Users\Dredglol\Documents\Track 1 - 1.wav
2013-07-09 15:17 - 2013-07-09 15:17 - 00004176 _____ C:\Users\Dredglol\Documents\Track 1 - 1.sfk
2013-07-09 15:01 - 2013-07-09 15:01 - 11837897 _____ C:\Users\Dredglol\Documents\Untitled-2.psd
2013-07-09 15:00 - 2013-07-09 15:00 - 00189864 _____ C:\Users\Dredglol\Documents\Untitled.veg
2013-07-09 13:58 - 2013-07-09 13:58 - 11834737 _____ C:\Users\Dredglol\Documents\Untitled-1.psd
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\WTablet
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____D C:\Program Files\TabletPlugins
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____D C:\Program Files\Tablet
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-07-09 12:35 - 2012-12-11 13:07 - 01981312 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.dll
2013-07-09 12:35 - 2012-12-11 13:07 - 01974144 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Touch_Tablet.dll
2013-07-09 12:35 - 2012-12-11 13:07 - 01843584 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2013-07-09 12:35 - 2012-12-11 13:07 - 01840000 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2013-07-09 12:35 - 2012-12-11 13:07 - 01628544 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dll
2013-07-09 12:35 - 2012-12-11 13:07 - 01621888 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Touch_Tablet.dll
2013-07-09 12:35 - 2012-12-11 13:07 - 01509760 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2013-07-09 12:35 - 2012-12-11 13:07 - 01505664 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2013-07-09 12:35 - 2012-12-03 16:36 - 00081824 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2013-07-09 12:35 - 2012-12-03 16:36 - 00013728 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2013-07-09 12:35 - 2012-11-15 09:41 - 00015776 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2013-07-09 02:28 - 2013-07-10 18:19 - 00001456 _____ C:\Users\Dredglol\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-07-09 02:00 - 2013-07-09 02:00 - 00000132 _____ C:\Users\Dredglol\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-07-09 01:56 - 2013-07-09 01:56 - 00000000 ____D C:\Users\Dredglol\Documents\Adobe
2013-07-09 01:47 - 2013-07-09 01:47 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-07-09 01:44 - 2013-07-09 01:44 - 00003514 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Dredglol-PC-Dredglol
2013-07-09 01:41 - 2013-07-09 01:45 - 00000000 ____D C:\Program Files\Adobe
2013-07-09 01:41 - 2013-07-09 01:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-09 01:41 - 2013-07-09 01:41 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-07-09 01:40 - 2013-07-09 01:41 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-07-09 01:38 - 2013-07-09 02:00 - 00000000 ____D C:\ProgramData\Adobe
2013-07-07 11:40 - 2013-07-07 11:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2013-07-07 11:40 - 2013-07-07 11:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2013-07-07 11:31 - 2013-07-07 11:40 - 00000000 ____D C:\Program Files (x86)\Razer
2013-07-07 11:31 - 2013-07-07 11:31 - 00000000 ____D C:\Users\Dredglol\AppData\Local\Razer
2013-07-07 11:31 - 2013-07-07 11:31 - 00000000 ____D C:\ProgramData\Razer
2013-07-04 13:50 - 2013-07-04 13:50 - 00000000 ____D C:\Users\Dredglol\AppData\Local\The Witcher 2
2013-07-03 12:20 - 2013-07-04 12:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 13:15 - 2013-07-02 13:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-07-02 00:44 - 2013-07-02 00:44 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-01 15:10 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\Arab-GB
2013-06-30 13:41 - 2013-07-15 19:05 - 00000000 ____D C:\Users\Dredglol\Documents\My Games
2013-06-30 04:23 - 2013-06-30 04:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-06-30 00:17 - 2013-06-30 00:17 - 00000000 ____D C:\ProgramData\ZeniMax Online Studios
2013-06-29 14:08 - 2013-06-29 14:08 - 00000000 ____D C:\Users\Dredglol\Documents\CAPCOM
2013-06-29 14:08 - 2013-06-29 14:08 - 00000000 ____D C:\ProgramData\Steam
2013-06-24 13:20 - 2013-06-24 13:20 - 00768000 _____ (Razer Inc) C:\Windows\SysWOW64\rzdevicedll.dll
2013-06-24 03:50 - 2013-06-24 03:50 - 00258048 _____ (Flo) C:\Users\Dredglol\Downloads\Vista-ShutdownTimer.exe
==================== One Month Modified Files and Folders =======
2013-07-24 13:22 - 2013-07-24 13:22 - 00000000 ____D C:\FRST
2013-07-24 13:22 - 2013-07-24 13:21 - 01779757 _____ (Farbar) C:\Users\Dredglol\Downloads\FRST64.exe
2013-07-24 12:58 - 2013-07-23 01:06 - 00009199 _____ C:\Users\Dredglol\Downloads\hijackthis.log
2013-07-24 12:49 - 2013-07-24 12:49 - 00049872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kkpvbxdj.sys
2013-07-24 12:49 - 2013-07-23 01:10 - 00000000 ____D C:\Windows\system32\MpEngineStore
2013-07-24 12:30 - 2013-07-11 13:20 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-24 11:34 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-24 11:34 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-24 11:31 - 2011-04-12 09:43 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-07-24 11:31 - 2011-04-12 09:43 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-07-24 11:31 - 2009-07-14 07:13 - 01612310 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-24 11:27 - 2012-12-13 11:36 - 00024227 _____ C:\Windows\setupact.log
2013-07-24 02:32 - 2013-06-19 17:15 - 00305721 _____ C:\Windows\WindowsUpdate.log
2013-07-24 02:00 - 2013-07-24 01:57 - 10401792 _____ C:\Users\Dredglol\Downloads\pso-pr-sample.avi
2013-07-23 06:25 - 2013-07-18 03:57 - 00000282 _____ C:\Windows\Tasks\MSIAfterburner.job
2013-07-23 04:43 - 2013-06-19 19:23 - 00170558 _____ C:\Windows\DirectX.log
2013-07-23 04:20 - 2013-07-20 22:12 - 00000000 ____D C:\Users\Dredglol\Documents\BioWare
2013-07-23 01:08 - 2013-07-23 01:08 - 00000000 ____D C:\Users\Dredglol\Downloads\backups
2013-07-23 01:06 - 2013-07-23 01:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\Dredglol\Downloads\HiJackThis204.exe
2013-07-23 00:59 - 2013-07-23 00:59 - 00000402 _____ C:\Users\Dredglol\Desktop\Repair.bat
2013-07-23 00:57 - 2013-07-23 00:56 - 88568592 _____ (Microsoft Corporation) C:\Users\Dredglol\Downloads\msert.exe
2013-07-23 00:57 - 2013-07-19 19:15 - 00000236 _____ C:\Users\Dredglol\Neues Textdokument.txt
2013-07-23 00:53 - 2013-06-19 17:13 - 00000000 ____D C:\Users\Dredglol
2013-07-23 00:24 - 2013-07-16 15:07 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2013-07-23 00:24 - 2013-07-15 12:56 - 00000000 ____D C:\Users\Dredglol\Documents\Rockstar Games
2013-07-22 22:31 - 2013-06-19 19:14 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Skype
2013-07-22 05:20 - 2013-06-21 12:07 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2013-07-22 05:20 - 2013-06-21 12:07 - 00001080 _____ C:\Windows\system32\settings.sfm
2013-07-21 17:30 - 2013-06-19 18:33 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-07-21 12:02 - 2013-07-21 12:02 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 12:02 - 2013-07-21 12:02 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 12:02 - 2013-07-21 12:02 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 12:02 - 2013-07-21 12:02 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 00000000 ____D C:\Program Files\Java
2013-07-21 01:10 - 2010-11-21 05:47 - 00202978 _____ C:\Windows\PFRO.log
2013-07-20 22:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-20 22:24 - 2013-07-17 12:08 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-07-20 18:52 - 2013-06-19 18:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-20 14:05 - 2013-07-19 17:08 - 00000000 ____D C:\Users\Dredglol\AppData\Local\PMB Files
2013-07-20 14:05 - 2013-07-19 17:07 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-19 18:52 - 2013-07-19 18:52 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\LolClient
2013-07-19 17:08 - 2013-07-19 17:08 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-07-19 17:08 - 2013-07-19 17:08 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-07-19 17:08 - 2013-07-19 17:08 - 00000000 ____D C:\Riot Games
2013-07-19 17:07 - 2013-07-19 17:07 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Riot Games
2013-07-19 17:07 - 2013-07-19 17:07 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-07-19 16:55 - 2013-06-19 19:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-19 16:55 - 2013-06-19 19:14 - 00000000 ____D C:\ProgramData\Skype
2013-07-19 02:19 - 2013-06-20 21:32 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\BitTorrent
2013-07-18 21:36 - 2013-07-18 21:32 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\.minecraft
2013-07-18 21:31 - 2013-07-18 21:31 - 00675988 _____ C:\Users\Dredglol\Desktop\Minecraft.exe
2013-07-17 20:51 - 2013-06-19 20:31 - 00003034 _____ C:\Windows\System32\Tasks\MSIAfterburner
2013-07-17 19:52 - 2013-07-17 12:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-17 16:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-17 15:50 - 2013-07-17 15:50 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Malwarebytes
2013-07-17 15:49 - 2013-07-17 15:49 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-17 15:49 - 2013-07-17 15:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-17 15:49 - 2013-07-17 15:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-17 15:30 - 2013-07-17 15:30 - 00001696 _____ C:\AdwCleaner[S1].txt
2013-07-17 15:04 - 2013-07-12 17:50 - 00000000 ____D C:\Windows\system32\appmgmt
2013-07-17 14:14 - 2013-07-17 14:14 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Ubisoft
2013-07-17 12:30 - 2013-07-17 12:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-17 12:30 - 2013-06-19 18:41 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-17 12:30 - 2013-06-19 18:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-17 12:16 - 2013-07-17 12:16 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-07-17 02:00 - 2013-06-19 18:40 - 00000000 ____D C:\Users\Dredglol\AppData\Local\Adobe
2013-07-16 23:07 - 2013-06-19 23:39 - 00000000 ____D C:\Program Files (x86)\MKVToolNix
2013-07-16 15:56 - 2013-07-16 15:56 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Notepad++
2013-07-16 15:56 - 2013-07-16 15:56 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-07-16 15:56 - 2013-07-16 15:56 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-07-15 19:05 - 2013-06-30 13:41 - 00000000 ____D C:\Users\Dredglol\Documents\My Games
2013-07-15 19:01 - 2013-07-15 19:01 - 00002106 _____ C:\Users\Public\Desktop\Path of Exile.lnk
2013-07-15 19:01 - 2013-07-15 19:01 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2013-07-15 13:33 - 2013-07-20 12:42 - 15960440 _____ C:\Users\Dredglol\Desktop\MSIAfterburnerSetup300Beta11.exe
2013-07-15 12:57 - 2013-07-15 12:57 - 00000000 ____D C:\Users\Dredglol\AppData\Local\Chromium
2013-07-15 12:56 - 2013-07-15 12:56 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-07-15 12:51 - 2013-07-15 12:51 - 00000000 ____D C:\ProgramData\Rockstar Games
2013-07-14 11:24 - 2013-07-14 11:24 - 00000219 _____ C:\Users\Dredglol\Desktop\Dota 2.url
2013-07-14 04:17 - 2013-06-19 20:59 - 00000000 ____D C:\Users\Dredglol\Documents\Heroes of Newerth
2013-07-13 16:30 - 2013-07-13 16:30 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-13 16:30 - 2013-07-13 16:30 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-13 16:30 - 2013-07-13 16:30 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-13 16:30 - 2013-07-13 16:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-13 16:30 - 2013-07-13 16:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-13 16:30 - 2013-07-13 16:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-13 16:30 - 2013-07-13 16:30 - 00000000 ____D C:\ProgramData\Sun
2013-07-13 16:30 - 2013-07-13 16:30 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-13 12:37 - 2013-07-13 12:11 - 00000000 ____D C:\Program Files (x86)\Games
2013-07-13 12:17 - 2013-07-13 12:17 - 00000000 ____D C:\Users\Dredglol\AppData\Local\My Games
2013-07-12 16:48 - 2013-06-19 23:37 - 00000000 ____D C:\Program Files (x86)\Megui 32 Bit
2013-07-12 16:32 - 2013-07-12 16:32 - 00000000 ____D C:\Users\Dredglol\AppData\Local\SmartFTP
2013-07-12 16:21 - 2013-07-10 23:56 - 00699120 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt4.veg
2013-07-12 16:14 - 2013-07-11 02:08 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Audacity
2013-07-12 15:09 - 2013-07-12 15:09 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\SmartFTP
2013-07-12 15:09 - 2013-07-12 15:09 - 00000000 ____D C:\Users\Dredglol\AppData\Local\SmartFTP Client 4.1 Setup
2013-07-12 14:15 - 2013-06-19 20:59 - 00000000 ____D C:\Program Files (x86)\Heroes of Newerth
2013-07-11 13:21 - 2013-07-11 13:21 - 00000000 ____D C:\Program Files (x86)\dumps
2013-07-11 13:20 - 2013-07-11 13:20 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-07-11 13:15 - 2013-07-11 13:15 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-11 13:15 - 2013-06-19 18:30 - 00000000 ____D C:\Program Files\WinRAR-x64
2013-07-11 02:15 - 2013-07-11 02:15 - 00387832 _____ C:\Users\Dredglol\Documents\Stapelverarbeitung.veg
2013-07-11 02:08 - 2013-07-11 02:08 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-07-11 02:04 - 2013-07-11 02:04 - 00004984 _____ C:\Users\Dredglol\Documents\Track 2 - 26.sfk
2013-07-11 02:04 - 2013-07-11 02:03 - 01261942 _____ C:\Users\Dredglol\Documents\Track 2 - 26.wav
2013-07-11 02:03 - 2013-07-11 02:03 - 00634986 _____ C:\Users\Dredglol\Documents\Track 2 - 25.wav
2013-07-11 02:03 - 2013-07-11 02:03 - 00002608 _____ C:\Users\Dredglol\Documents\Track 2 - 24.sfk
2013-07-11 02:03 - 2013-07-11 02:03 - 00002536 _____ C:\Users\Dredglol\Documents\Track 2 - 25.sfk
2013-07-11 02:03 - 2013-07-11 01:59 - 00654110 _____ C:\Users\Dredglol\Documents\Track 2 - 24.wav
2013-07-11 01:59 - 2013-07-11 01:59 - 00871726 _____ C:\Users\Dredglol\Documents\Track 2 - 23.wav
2013-07-11 01:59 - 2013-07-11 01:59 - 00003656 _____ C:\Users\Dredglol\Documents\Track 2 - 22.sfk
2013-07-11 01:59 - 2013-07-11 01:59 - 00003464 _____ C:\Users\Dredglol\Documents\Track 2 - 23.sfk
2013-07-11 01:59 - 2013-07-11 01:58 - 00922070 _____ C:\Users\Dredglol\Documents\Track 2 - 22.wav
2013-07-11 01:58 - 2013-07-11 01:58 - 00004920 _____ C:\Users\Dredglol\Documents\Track 2 - 21.sfk
2013-07-11 01:58 - 2013-07-11 01:56 - 01245214 _____ C:\Users\Dredglol\Documents\Track 2 - 21.wav
2013-07-11 01:56 - 2013-07-11 01:56 - 01890618 _____ C:\Users\Dredglol\Documents\Track 2 - 20.wav
2013-07-11 01:56 - 2013-07-11 01:56 - 00007440 _____ C:\Users\Dredglol\Documents\Track 2 - 20.sfk
2013-07-11 01:56 - 2013-07-11 01:56 - 00007000 _____ C:\Users\Dredglol\Documents\Track 2 - 19.sfk
2013-07-11 01:56 - 2013-07-11 01:53 - 01777526 _____ C:\Users\Dredglol\Documents\Track 2 - 19.wav
2013-07-11 01:53 - 2013-07-11 01:53 - 00002912 _____ C:\Users\Dredglol\Documents\Track 2 - 18.sfk
2013-07-11 01:53 - 2013-07-11 01:52 - 00731650 _____ C:\Users\Dredglol\Documents\Track 2 - 18.wav
2013-07-11 01:52 - 2013-07-11 01:52 - 01821362 _____ C:\Users\Dredglol\Documents\Track 2 - 17.wav
2013-07-11 01:52 - 2013-07-11 01:52 - 00007176 _____ C:\Users\Dredglol\Documents\Track 2 - 16.sfk
2013-07-11 01:52 - 2013-07-11 01:52 - 00007168 _____ C:\Users\Dredglol\Documents\Track 2 - 17.sfk
2013-07-11 01:52 - 2013-07-11 01:47 - 01823250 _____ C:\Users\Dredglol\Documents\Track 2 - 16.wav
2013-07-11 01:47 - 2013-07-11 01:47 - 00003800 _____ C:\Users\Dredglol\Documents\Track 2 - 15.sfk
2013-07-11 01:47 - 2013-07-11 01:46 - 00958394 _____ C:\Users\Dredglol\Documents\Track 2 - 15.wav
2013-07-11 01:46 - 2013-07-11 01:46 - 00003272 _____ C:\Users\Dredglol\Documents\Track 2 - 14.sfk
2013-07-11 01:46 - 2013-07-11 01:43 - 00822954 _____ C:\Users\Dredglol\Documents\Track 2 - 14.wav
2013-07-11 01:43 - 2013-07-11 01:43 - 00003856 _____ C:\Users\Dredglol\Documents\Track 2 - 13.sfk
2013-07-11 01:43 - 2013-07-11 01:42 - 00972002 _____ C:\Users\Dredglol\Documents\Track 2 - 13.wav
2013-07-11 01:42 - 2013-07-11 01:42 - 00005008 _____ C:\Users\Dredglol\Documents\Track 2 - 12.sfk
2013-07-11 01:42 - 2013-07-11 01:40 - 01268326 _____ C:\Users\Dredglol\Documents\Track 2 - 12.wav
2013-07-11 01:40 - 2013-07-11 01:40 - 00005680 _____ C:\Users\Dredglol\Documents\Track 2 - 11.sfk
2013-07-11 01:40 - 2013-07-11 01:39 - 01440038 _____ C:\Users\Dredglol\Documents\Track 2 - 11.wav
2013-07-11 01:39 - 2013-07-11 01:39 - 00004568 _____ C:\Users\Dredglol\Documents\Track 2 - 10.sfk
2013-07-11 01:39 - 2013-07-11 01:38 - 01154574 _____ C:\Users\Dredglol\Documents\Track 2 - 10.wav
2013-07-11 01:38 - 2013-07-11 01:38 - 01283462 _____ C:\Users\Dredglol\Documents\Track 2 - 9.wav
2013-07-11 01:38 - 2013-07-11 01:38 - 00006248 _____ C:\Users\Dredglol\Documents\Track 2 - 8.sfk
2013-07-11 01:38 - 2013-07-11 01:38 - 00005072 _____ C:\Users\Dredglol\Documents\Track 2 - 9.sfk
2013-07-11 01:38 - 2013-07-11 01:37 - 01585114 _____ C:\Users\Dredglol\Documents\Track 2 - 8.wav
2013-07-11 01:37 - 2013-07-11 01:37 - 00005896 _____ C:\Users\Dredglol\Documents\Track 2 - 7.sfk
2013-07-11 01:37 - 2013-07-11 01:36 - 01494226 _____ C:\Users\Dredglol\Documents\Track 2 - 7.wav
2013-07-11 01:36 - 2013-07-11 01:36 - 01216010 _____ C:\Users\Dredglol\Documents\Track 2 - 6.wav
2013-07-11 01:36 - 2013-07-11 01:36 - 00004808 _____ C:\Users\Dredglol\Documents\Track 2 - 6.sfk
2013-07-11 01:36 - 2013-07-11 01:36 - 00002496 _____ C:\Users\Dredglol\Documents\Track 2 - 5.sfk
2013-07-11 01:36 - 2013-07-11 01:34 - 00624658 _____ C:\Users\Dredglol\Documents\Track 2 - 5.wav
2013-07-11 01:34 - 2013-07-11 01:34 - 01004106 _____ C:\Users\Dredglol\Documents\Track 2 - 4.wav
2013-07-11 01:34 - 2013-07-11 01:34 - 00004600 _____ C:\Users\Dredglol\Documents\Track 2 - 3.sfk
2013-07-11 01:34 - 2013-07-11 01:34 - 00003976 _____ C:\Users\Dredglol\Documents\Track 2 - 4.sfk
2013-07-11 01:34 - 2013-07-11 01:31 - 01164114 _____ C:\Users\Dredglol\Documents\Track 2 - 3.wav
2013-07-11 01:31 - 2013-07-11 01:31 - 00002144 _____ C:\Users\Dredglol\Documents\Track 2 - 2.sfk
2013-07-11 01:31 - 2013-07-11 01:30 - 00535390 _____ C:\Users\Dredglol\Documents\Track 2 - 2.wav
2013-07-11 01:30 - 2013-07-11 01:30 - 00478590 _____ C:\Users\Dredglol\Documents\Track 2 - 1.wav
2013-07-11 01:30 - 2013-07-11 01:30 - 00001928 _____ C:\Users\Dredglol\Documents\Track 2 - 1.sfk
2013-07-11 01:23 - 2013-07-11 00:59 - 00004519 _____ C:\Users\Dredglol\AppData\Roaming\CamStudio.cfg
2013-07-11 01:23 - 2013-07-11 00:59 - 00000408 _____ C:\Users\Dredglol\AppData\Roaming\CamShapes.ini
2013-07-11 01:23 - 2013-07-11 00:59 - 00000408 _____ C:\Users\Dredglol\AppData\Roaming\CamLayout.ini
2013-07-11 01:23 - 2013-07-11 00:59 - 00000100 _____ C:\Users\Dredglol\AppData\Roaming\Camdata.ini
2013-07-11 01:21 - 2013-07-10 15:02 - 00000000 ____D C:\Users\Dredglol\Datentausch
2013-07-11 00:59 - 2013-07-11 00:56 - 00000000 ____D C:\Program Files (x86)\CamStudio 2.7
2013-07-11 00:33 - 2013-07-10 23:56 - 00698648 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt4.veg.bak
2013-07-10 21:55 - 2013-07-10 21:34 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2013-07-10 21:34 - 2013-07-10 21:34 - 00000000 ____D C:\Users\Dredglol\Documents\eRightSoft
2013-07-10 21:13 - 2013-07-10 19:18 - 00527080 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt3.veg
2013-07-10 20:08 - 2013-07-10 19:18 - 00506728 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt3.veg.bak
2013-07-10 18:41 - 2013-07-10 18:41 - 00268936 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt2.veg
2013-07-10 18:35 - 2013-07-10 16:14 - 00261888 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt.veg.bak
2013-07-10 18:35 - 2013-07-10 16:14 - 00261888 _____ C:\Users\Dredglol\Documents\GhettoFinalProjekt.veg
2013-07-10 18:19 - 2013-07-09 02:28 - 00001456 _____ C:\Users\Dredglol\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-07-10 18:12 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-07-10 16:51 - 2013-07-10 16:50 - 00015364 ____H C:\Users\Public\.DS_Store
2013-07-10 16:31 - 2013-07-10 16:31 - 02329530 _____ C:\Users\Dredglol\Documents\Track 5 - 4.wav
2013-07-10 16:31 - 2013-07-10 16:31 - 00009152 _____ C:\Users\Dredglol\Documents\Track 5 - 4.sfk
2013-07-10 16:31 - 2013-07-10 16:31 - 00008592 _____ C:\Users\Dredglol\Documents\Track 5 - 3.sfk
2013-07-10 16:31 - 2013-07-10 16:30 - 02185378 _____ C:\Users\Dredglol\Documents\Track 5 - 3.wav
2013-07-10 16:30 - 2013-07-10 16:30 - 01093546 _____ C:\Users\Dredglol\Documents\Track 5 - 1.wav
2013-07-10 16:30 - 2013-07-10 16:30 - 00578446 _____ C:\Users\Dredglol\Documents\Track 5 - 2.wav
2013-07-10 16:30 - 2013-07-10 16:30 - 00004328 _____ C:\Users\Dredglol\Documents\Track 5 - 1.sfk
2013-07-10 16:30 - 2013-07-10 16:30 - 00002312 _____ C:\Users\Dredglol\Documents\Track 5 - 2.sfk
2013-07-10 14:53 - 2013-07-10 14:53 - 00159512 _____ C:\Users\Dredglol\Documents\Untitled-5.psd
2013-07-10 01:37 - 2013-07-10 01:37 - 03900120 _____ C:\Users\Dredglol\Documents\whatever.psd
2013-07-10 01:37 - 2013-07-10 01:37 - 01593778 _____ C:\Users\Dredglol\Documents\crazy doc.psd
2013-07-09 15:18 - 2013-07-09 15:18 - 01091710 _____ C:\Users\Dredglol\Documents\Track 1 - 3.wav
2013-07-09 15:18 - 2013-07-09 15:18 - 00004320 _____ C:\Users\Dredglol\Documents\Track 1 - 3.sfk
2013-07-09 15:18 - 2013-07-09 15:18 - 00004200 _____ C:\Users\Dredglol\Documents\Track 1 - 2.sfk
2013-07-09 15:18 - 2013-07-09 15:17 - 01061134 _____ C:\Users\Dredglol\Documents\Track 1 - 2.wav
2013-07-09 15:17 - 2013-07-09 15:17 - 01054238 _____ C:\Users\Dredglol\Documents\Track 1 - 1.wav
2013-07-09 15:17 - 2013-07-09 15:17 - 00004176 _____ C:\Users\Dredglol\Documents\Track 1 - 1.sfk
2013-07-09 15:01 - 2013-07-09 15:01 - 11837897 _____ C:\Users\Dredglol\Documents\Untitled-2.psd
2013-07-09 15:00 - 2013-07-09 15:00 - 00189864 _____ C:\Users\Dredglol\Documents\Untitled.veg
2013-07-09 13:58 - 2013-07-09 13:58 - 11834737 _____ C:\Users\Dredglol\Documents\Untitled-1.psd
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\WTablet
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____D C:\Program Files\TabletPlugins
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____D C:\Program Files\Tablet
2013-07-09 12:35 - 2013-07-09 12:35 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-07-09 11:09 - 2009-07-14 06:45 - 04914048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-09 02:27 - 2013-06-19 18:41 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Adobe
2013-07-09 02:00 - 2013-07-09 02:00 - 00000132 _____ C:\Users\Dredglol\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-07-09 02:00 - 2013-07-09 01:38 - 00000000 ____D C:\ProgramData\Adobe
2013-07-09 01:59 - 2013-06-19 19:24 - 00000000 ____D C:\Program Files\MPC-HC
2013-07-09 01:56 - 2013-07-09 01:56 - 00000000 ____D C:\Users\Dredglol\Documents\Adobe
2013-07-09 01:47 - 2013-07-09 01:47 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-07-09 01:45 - 2013-07-09 01:41 - 00000000 ____D C:\Program Files\Adobe
2013-07-09 01:45 - 2013-07-09 01:41 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-09 01:44 - 2013-07-09 01:44 - 00003514 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Dredglol-PC-Dredglol
2013-07-09 01:43 - 2013-06-19 18:10 - 00058464 _____ C:\Users\Dredglol\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-09 01:41 - 2013-07-09 01:41 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-07-09 01:41 - 2013-07-09 01:40 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-07-07 11:40 - 2013-07-07 11:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2013-07-07 11:40 - 2013-07-07 11:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2013-07-07 11:40 - 2013-07-07 11:31 - 00000000 ____D C:\Program Files (x86)\Razer
2013-07-07 11:40 - 2013-06-19 18:55 - 00092290 _____ C:\Windows\DPINST.LOG
2013-07-07 11:31 - 2013-07-07 11:31 - 00000000 ____D C:\Users\Dredglol\AppData\Local\Razer
2013-07-07 11:31 - 2013-07-07 11:31 - 00000000 ____D C:\ProgramData\Razer
2013-07-05 12:22 - 2013-06-19 18:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-04 13:50 - 2013-07-04 13:50 - 00000000 ____D C:\Users\Dredglol\AppData\Local\The Witcher 2
2013-07-04 12:54 - 2013-07-03 12:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 13:15 - 2013-07-02 13:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-07-02 00:44 - 2013-07-02 00:44 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-01 19:44 - 2013-07-01 15:10 - 00000000 ____D C:\Program Files (x86)\Arab-GB
2013-07-01 15:20 - 2013-06-19 19:21 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-01 15:09 - 2013-06-19 18:14 - 00000000 ____D C:\Users\Dredglol\AppData\Roaming\DAEMON Tools Lite
2013-06-30 04:23 - 2013-06-30 04:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-06-30 00:17 - 2013-06-30 00:17 - 00000000 ____D C:\ProgramData\ZeniMax Online Studios
2013-06-29 14:08 - 2013-06-29 14:08 - 00000000 ____D C:\Users\Dredglol\Documents\CAPCOM
2013-06-29 14:08 - 2013-06-29 14:08 - 00000000 ____D C:\ProgramData\Steam
2013-06-26 12:11 - 2013-06-19 20:21 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-24 13:20 - 2013-06-24 13:20 - 00768000 _____ (Razer Inc) C:\Windows\SysWOW64\rzdevicedll.dll
2013-06-24 03:50 - 2013-06-24 03:50 - 00258048 _____ (Flo) C:\Users\Dredglol\Downloads\Vista-ShutdownTimer.exe
ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini
ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3313348296-2172988495-2078389442-1001\$d2944aef0cd029843f072ca6c1a3ac3f
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$d2944aef0cd029843f072ca6c1a3ac3f
Files to move or delete:
====================
C:\ProgramData\dxajpxgzx.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-15 05:37
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2013
Ran by Dredglol at 2013-07-24 13:22:38
Running from C:\Users\Dredglol\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop CS6 (x32 Version: 13.0)
AMD Accelerated Video Transcoding (Version: 13.10.100.30604)
AMD Catalyst Control Center (x32 Version: 2013.0604.1838.31590)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0604.1838.31590)
AMD Media Foundation Decoders (Version: 1.0.80604.1838)
AMD Steady Video Plug-In (Version: 2.06.0000)
AMD Wireless Display v3.0 (Version: 1.0.0.12)
Application Profiles (x32 Version: 2.0.4888.34279)
Audacity 2.0.3 (x32 Version: 2.0.3)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
AviSynth 2.5 (x32)
BitTorrent (x32 Version: 7.8.0.29676)
CamStudio Lossless Codec v1.5 (x32 Version: 1.5)
CamStudio version 2.7 (x32 Version: 2.7)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0604.1838.31590)
Catalyst Control Center InstallProxy (x32 Version: 2013.0604.1838.31590)
Catalyst Control Center Localization All (x32 Version: 2013.0604.1838.31590)
CCC Help Chinese Standard (x32 Version: 2013.0604.1837.31590)
CCC Help Chinese Traditional (x32 Version: 2013.0604.1837.31590)
CCC Help Czech (x32 Version: 2013.0604.1837.31590)
CCC Help Danish (x32 Version: 2013.0604.1837.31590)
CCC Help Dutch (x32 Version: 2013.0604.1837.31590)
CCC Help English (x32 Version: 2013.0604.1837.31590)
CCC Help Finnish (x32 Version: 2013.0604.1837.31590)
CCC Help French (x32 Version: 2013.0604.1837.31590)
CCC Help German (x32 Version: 2013.0604.1837.31590)
CCC Help Greek (x32 Version: 2013.0604.1837.31590)
CCC Help Hungarian (x32 Version: 2013.0604.1837.31590)
CCC Help Italian (x32 Version: 2013.0604.1837.31590)
CCC Help Japanese (x32 Version: 2013.0604.1837.31590)
CCC Help Korean (x32 Version: 2013.0604.1837.31590)
CCC Help Norwegian (x32 Version: 2013.0604.1837.31590)
CCC Help Polish (x32 Version: 2013.0604.1837.31590)
CCC Help Portuguese (x32 Version: 2013.0604.1837.31590)
CCC Help Russian (x32 Version: 2013.0604.1837.31590)
CCC Help Spanish (x32 Version: 2013.0604.1837.31590)
CCC Help Swedish (x32 Version: 2013.0604.1837.31590)
CCC Help Thai (x32 Version: 2013.0604.1837.31590)
CCC Help Turkish (x32 Version: 2013.0604.1837.31590)
ccc-utility64 (Version: 2013.0604.1838.31590)
Core Temp 1.0 RC5 (Version: 1.0)
Creative Audio-Systemsteuerung (x32 Version: 3.00)
Creative Software AutoUpdate (x32 Version: 1.41)
Creative Sound Blaster Properties x64 Edition (x32 Version: 1.03)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
DebugMode FrameServer (x32)
Dota 2 (x32)
Fraps (remove only) (x32)
Heroes of Newerth (x32 Version: 2.3.0)
IrfanView (remove only) (x32 Version: 4.35)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
League of Legends (x32 Version: 3.0.1)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Marvell Miniport Driver (x32 Version: 11.24.10.3)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
MKVToolNix 6.2.0 (x32 Version: 6.2.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MPC-HC 1.6.8 (64-bit) (Version: 1.6.8.7417)
MSI Afterburner 3.0.0 Beta 11 (x32 Version: 3.0.0 Beta 11)
MSVCRT Redists (Version: 1.0)
Notepad++ (x32 Version: 6.4.2)
NVIDIA PhysX (x32 Version: 9.12.0213)
Pando Media Booster (x32 Version: 2.6.0.7)
Path of Exile (x32 Version: 0.11.1.25969)
PDF Settings CS6 (x32 Version: 11.0)
Razer Synapse 2.0 (x32 Version: 1.11.3)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0)
Rockstar Games Social Club (x32 Version: 1.1.0.1)
rosoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Skype™ 6.6 (x32 Version: 6.6.106)
Steam (x32 Version: 1.0.0.0)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Vegas Pro 12.0 (64-bit) (Version: 12.0.563)
Wacom (Version: 5.3.2-1)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2)
Winamp (x32 Version: 5.64 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
==================== Restore Points =========================
22-07-2013 22:49:29 DirectX wurde installiert
23-07-2013 02:42:49 DirectX wurde installiert
24-07-2013 10:31:35 Removed Java 7 Update 25
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {29DB5D10-F9E3-4D95-8078-415F12A29554} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-17] (Adobe Systems Incorporated)
Task: {82F72F25-6090-4E9B-A502-4F3206920261} - System32\Tasks\AdobeAAMUpdater-1.0-Dredglol-PC-Dredglol => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {AE8F4FC4-47BA-4BBD-A7AB-97BB5BF3B702} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-07-15] ()
Task: {C6B018DD-45D1-4EA5-982F-4C6280ACE431} - System32\Tasks\{D0C0DD2C-599C-4940-B643-997C49BF522B} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-07-03] (Mozilla Corporation)
Task: {ED955356-A149-4303-A34A-E44F86FFB81E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\MSIAfterburner.job => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/24/2013 11:29:29 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (07/23/2013 01:24:34 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (07/23/2013 01:13:33 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (07/23/2013 00:52:18 AM) (Source: Application Hang) (User: )
Description: Programm avscan.exe, Version 13.6.0.1722 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 6c0
Startzeit: 01ce872aa42aaa0a
Endzeit: 60000
Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
Berichts-ID: 31f04275-f321-11e2-8a70-20cf3021426f
Error: (07/23/2013 00:24:13 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (07/22/2013 00:37:25 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (07/21/2013 11:53:50 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (07/21/2013 01:25:59 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
System errors:
=============
Error: (07/24/2013 11:36:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891
Error: (07/24/2013 11:36:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (07/24/2013 11:27:45 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060
Error: (07/24/2013 11:27:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error: (07/24/2013 11:27:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error: (07/23/2013 00:22:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (07/23/2013 00:22:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891
Error: (07/23/2013 00:22:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error: (07/23/2013 00:22:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error: (07/23/2013 00:22:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060
Microsoft Office Sessions:
=========================
Error: (07/24/2013 11:29:29 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/23/2013 01:24:34 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/23/2013 01:13:33 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/23/2013 00:52:18 AM) (Source: Application Hang)(User: )
Description: avscan.exe13.6.0.17226c001ce872aa42aaa0a60000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe31f04275-f321-11e2-8a70-20cf3021426f
Error: (07/23/2013 00:24:13 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/22/2013 00:37:25 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/21/2013 11:53:50 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/21/2013 01:25:59 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2012-12-13 10:29:15.841
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 10:23:12.616
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 10:23:12.257
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 10:23:12.148
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 10:23:12.023
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 10:20:10.908
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 10:15:21.549
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 10:03:42.638
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 08:48:30.951
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-13 08:33:55.490
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 8174.11 MB
Available physical RAM: 5415.03 MB
Total Pagefile: 16346.42 MB
Available Pagefile: 13199.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:30.58 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:931.51 GB) (Free:905.16 GB) NTFS (Disk=1 Partition=1)
Drive f: (USB20FD) (Removable) (Total:30.23 GB) (Free:29.22 GB) NTFS (Disk=2 Partition=1)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 106B4964)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 106B4979)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=30 GB) - (Type=07 NTFS)
==================== End Of Log ============================