Trojaner-Board - Windows update / net framework 4 installation / viren

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013

Ran by STONED (administrator) on 07-08-2013 14:18:52

Running from F:\Download

Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard

Internet Explorer Version 7

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(AMD) C:\Windows\system32\atiesrxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(AMD) C:\Windows\system32\atieclxx.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

() C:\Program Files\EslWire\service\WireHelperSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\pg_ctl.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Valve Corporation) D:\Steam\Steam.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve Corporation) D:\Steam\GameOverlayUI.exe

(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Turtle Entertainment GmbH) C:\Program Files\EslWire\wire.exe

() C:\Program Files\EslWire\dbus-daemon.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Adobe Systems Incorporated) E:\Adobe Reader\Reader\AcroRd32.exe

(PokerStars) C:\Program Files (x86)\PokerStars\PokerStars.exe

(TeamSpeak Systems GmbH) E:\ts3\ts3client_win32.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor)

HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.)

HKLM\...\Run: [C:\Windows\system32\V0230Ext.ax] - C:\Windows\system32\RegSvr32.exe [15872 2006-11-02] (Microsoft Corporation)

MountPoints2: {9969b1b5-c853-11de-8f08-00ff01000001} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL davID.exE

MountPoints2: {b1982cd1-06f7-11e0-a653-00ff01000001} - J:\AutoRun.exe

MountPoints2: {b48894f6-ec02-11df-9894-00ff01000001} - J:\AutoRun.exe

MountPoints2: {c065ebb4-06c5-11e0-a3c5-00ff01000001} - J:\AutoRun.exe

MountPoints2: {e2f14103-eb4d-11df-aaaa-806e6f6e6963} - K:\AutoRun.exe

MountPoints2: {e2f14152-eb4d-11df-aaaa-00ff01000001} - J:\AutoRun.exe

MountPoints2: {eee556b6-4fa0-11de-bd47-001966902c46} - J:\Autorun.exe

HKLM-x32\...\Run: [C:\Windows\SysWOW64\V0230Ext.ax] - C:\Windows\system32\RegSvr32.exe [15872 2006-11-02] (Microsoft Corporation)

HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-25] (Avira Operations GmbH & Co. KG)

HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)

SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Corporation)

SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.orbitdownloader.com

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKCU - DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60341

SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)

BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File

DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: HKLM-x32 {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://www.fiaa.eu/OPLauncher.cab

DPF: HKLM-x32 {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} 

DPF: HKLM-x32 {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
 

Hosts: Hosts file not detected in the default directory

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default

FF user.js: detected! => C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\user.js

FF Homepage: startpage.com

FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.2&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @comrade.gamespy.com/comrade - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\STONED\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)

FF SearchPlugin: C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\searchplugins\find-flash-in-web.xml

FF SearchPlugin: C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\searchplugins\searchplugins-backup

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

FF Extension: Battlefield Heroes Updater - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\battlefieldheroespatcher@ea.com

FF Extension: SpeedFox - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\jid1-uabu5A9hduqzCw@jetpack

FF Extension: Yontoo - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\plugin@yontoo.com

FF Extension: EPUBReader - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}

FF Extension: DownloadHelper - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF Extension: FoxLingo - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{29852C08-1E91-4889-A6BF-C77F91D6A8F3}.xpi

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{bb117431-63c1-4a4d-8e4e-47f02268b2c6}.xpi

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\

FF Extension: Norton IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6

FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (Octoshape Streaming Services) - C:\Users\STONED\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)

CHR Plugin: (Octoshape Streaming Services) - C:\Users\STONED\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)

CHR Plugin: (Adobe Acrobat) - E:\Adobe Reader\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - E:\Mozilla Firefox\plugins\npdeployJava1.dll No File

CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (NPOP7Plugin) - E:\Mozilla Firefox\plugins\NPOP7PlugIn.dll (AB)

CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

CHR Plugin: (Comrade Plugin) - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Pay-Per-Frag Game Launcher) - C:\Program Files (x86)\payperfrag\Pay-per-frag\NPPayPerFragPlugin.dll No File

CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll No File

CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
 

==================== Services (Whitelisted) =================
 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-25] (Avira Operations GmbH & Co. KG)

S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-25] (Avira Operations GmbH & Co. KG)

S4 Apache2.4; c:\apache\Apache24\bin\httpd.exe [24576 2012-04-10] (Apache Software Foundation)

S4 dlbk_device; C:\Windows\system32\dlbkcoms.exe [567280 2007-03-28] ( )

R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()

R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)

S4 nlsvc; E:\NetLimiter 2 Monitor\nlsvc.exe [817152 2010-03-25] (Locktime Software)

S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4330168 2011-05-11] (INCA Internet Co., Ltd.)

R2 pgsql-8.3; F:\psostgresql\bin\pg_ctl.exe [65536 2009-03-13] (PostgreSQL Global Development Group)

R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-11-07] ()

S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)

S4 SBSDWSCService; E:\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

S4 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [506696 2009-12-21] (TuneUp Software)

S4 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [842056 2009-12-21] (TuneUp Software)

S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [736104 2012-06-01] (Tunngle.net GmbH)

S3 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [427520 2009-04-11] (Microsoft Corporation)

S4 WinAutomation Service; E:\WinAutomation\WinAutomation.ServiceAgent.exe [167936 2011-09-18] (Softomotive)

S3 Apache2.2; "c:\xampp\apache\bin\httpd.exe" -k runservice [x]
 

==================== Drivers (Whitelisted) ====================
 

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-07-20] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-25] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-25] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-07-25] (Avira Operations GmbH & Co. KG)

R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-04-30] (AVM Berlin)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-07-02] (AVM Berlin)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [1385632 2012-10-05] (Symantec Corporation)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [1385632 2012-10-05] (Symantec Corporation)

R1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-04] (Symantec Corporation)

R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-10-25] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-10-25] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-29] (Symantec Corporation)

S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2009-12-03] (Turtle Entertainment GmbH)

R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [183312 2013-08-02] (<Turtle Entertainment>)

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20121109.001\IDSvia64.sys [513184 2012-11-09] (Symantec Corporation)

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20121109.001\IDSvia64.sys [513184 2012-11-09] (Symantec Corporation)

S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-21] (Microsoft Corporation)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-07-20] ()

S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121111.008\ENG64.SYS [126112 2012-11-08] (Symantec Corporation)

S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121111.008\ENG64.SYS [126112 2012-11-08] (Symantec Corporation)

S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121111.008\EX64.SYS [2084000 2012-11-08] (Symantec Corporation)

S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121111.008\EX64.SYS [2084000 2012-11-08] (Symantec Corporation)

R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89224 2010-03-25] (Locktime Software)

R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89224 2010-03-25] (Locktime Software)

R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)

S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)

S3 Protector; C:\Windows\system32\drivers\Protector.sys [34200 2010-07-05] (PlayAll GmbH)

S3 Protector; C:\Windows\system32\drivers\Protector.sys [34200 2010-07-05] (PlayAll GmbH)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2009-06-02] ()

S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-22] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-22] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-11-06] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-22] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2009-12-22] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-29] (Symantec Corporation)

R1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-22] (Symantec Corporation)

R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

S3 V0230Vfx; C:\Windows\System32\DRIVERS\V0230Vfx.sys [10752 2006-05-05] (EyePower Games Pte. Ltd.)

S3 V0230VID; C:\Windows\System32\DRIVERS\V0230VID.sys [595488 2007-08-07] (Creative Technology Ltd.)

S3 ALSysIO; \??\C:\Users\STONED\AppData\Local\Temp\ALSysIO64.sys [x]

S1 atitray; \??\C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys [x]

S3 dump_wmimmc; \??\D:\FlyFF\GameGuard\dump_wmimmc.sys [x]

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]

S3 IpInIp; system32\DRIVERS\ipinip.sys [x]

S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

S3 UCOREW64; \??\C:\Users\STONED\Desktop\UCOREW64.SYS [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-07 00:27 - 2013-08-07 00:27 - 00000000 ____D C:\FRST

2013-08-06 15:06 - 2013-08-06 15:06 - 03097071 _____ C:\Users\STONED\Desktop\FixDotNet20130806130604183.cab

2013-08-06 15:02 - 2013-08-06 15:02 - 01010582 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_LangPack_MSI2657.txt

2013-08-06 15:01 - 2013-08-06 15:02 - 02377334 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_x64_MSI25DA.txt

2013-08-06 14:35 - 2013-08-06 14:48 - 02621440 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl

2013-08-06 14:35 - 2013-08-06 14:48 - 00393216 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf

2013-08-06 14:35 - 2013-08-06 14:48 - 00065536 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx

2013-08-06 14:34 - 2013-08-06 14:48 - 02621440 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell2.etl

2013-08-06 14:34 - 2013-08-06 14:48 - 00393216 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell2.perf

2013-08-06 14:34 - 2013-08-06 14:48 - 00065536 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell2.dpx

2013-08-06 14:18 - 2013-08-06 14:18 - 00001900 _____ C:\Users\STONED\Documents\asdf.pfx

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Graphics

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Extended

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Client

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\3082

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\3076

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\2070

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\2052

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1055

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1053

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1049

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1046

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1045

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1044

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1043

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1042

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1041

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1040

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1038

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1037

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1036

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1035

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1033

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1032

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1031

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1030

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1029

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1028

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1025

2013-08-06 13:47 - 2013-06-24 00:37 - 75733144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe

2013-08-06 13:43 - 2013-08-06 13:43 - 01469446 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_LangPack_MSI69C6.txt

2013-08-06 13:42 - 2013-08-06 15:02 - 00165048 _____ C:\Users\STONED\AppData\Local\dd_dotnetfx35install_lp.txt

2013-08-06 13:42 - 2013-08-06 13:42 - 00000002 _____ C:\Users\STONED\AppData\Local\dd_dotnetfx35error_lp.txt

2013-08-06 13:41 - 2013-08-06 13:42 - 02430856 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_x64_MSI68E4.txt

2013-08-06 13:40 - 2013-08-06 15:02 - 00525600 _____ C:\Users\STONED\AppData\Local\dd_dotnetfx35install.txt

2013-08-06 13:40 - 2013-08-06 15:02 - 00519688 _____ C:\Users\STONED\AppData\Local\dd_depcheck_NETFX_EXP_35.txt

2013-08-06 13:40 - 2013-08-06 13:40 - 00000002 _____ C:\Users\STONED\AppData\Local\dd_dotnetfx35error.txt

2013-08-03 18:09 - 2013-08-04 04:00 - 00029995 _____ C:\Users\STONED\Documents\hellosurveillance.odt

2013-08-03 17:54 - 2013-08-03 17:54 - 00000687 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk

2013-08-03 17:54 - 2013-08-03 17:54 - 00000657 _____ C:\Users\STONED\Desktop\Poker 770.lnk

2013-08-03 11:07 - 2013-08-03 18:09 - 00015804 _____ C:\Users\STONED\Documents\hellosurveillance.txt

2013-08-02 21:51 - 2013-08-02 21:51 - 00000750 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk

2013-08-02 21:51 - 2013-08-02 21:51 - 00000720 _____ C:\Users\STONED\Desktop\William Hill Poker.lnk

2013-08-02 21:48 - 2013-08-02 21:48 - 00000708 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MansionPoker.lnk

2013-08-02 21:48 - 2013-08-02 21:48 - 00000678 _____ C:\Users\STONED\Desktop\MansionPoker.lnk

2013-08-02 21:45 - 2013-08-05 19:34 - 00000932 _____ C:\speederr.txt

2013-08-02 21:44 - 2013-08-02 21:44 - 00000701 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Titan Poker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000695 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000671 _____ C:\Users\STONED\Desktop\Titan Poker.lnk

2013-08-02 21:43 - 2013-08-03 17:54 - 00000000 ____D C:\Poker

2013-08-02 08:51 - 2013-08-02 08:51 - 00000000 ____D C:\Users\STONED\AppData\Local\SCE

2013-08-02 08:45 - 2013-08-02 08:45 - 00000582 _____ C:\Users\STONED\Desktop\PlanetSide 2 PSG.lnk

2013-08-02 08:45 - 2013-08-02 08:45 - 00000582 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk

2013-08-01 22:25 - 2013-08-03 11:38 - 00012065 _____ C:\Users\STONED\Documents\verschlüsselichnicht_halloueberwachung.txt

2013-08-01 20:17 - 2013-08-01 20:17 - 00000997 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk

2013-07-27 03:53 - 2013-07-27 03:53 - 00000000 ____D C:\ProgramData\ATI

2013-07-27 03:43 - 2013-07-27 03:43 - 00000000 ____D C:\Program Files\ATI

2013-07-27 03:25 - 2013-07-27 03:25 - 05292032 _____ C:\Users\postgres\NTUSER.rhk

2013-07-27 03:01 - 2013-07-27 03:01 - 00000000 ____D C:\Windows\system32\IO

2013-07-27 02:58 - 2013-07-27 02:58 - 00003024 _____ C:\Windows\System32\Tasks\{2C8CF97C-3BF3-4AEA-9F37-7330FDD0B7E4}

2013-07-27 02:41 - 2013-07-27 02:41 - 00000000 ____D C:\Users\STONED\Documents\MyTIData

2013-07-27 02:30 - 2013-07-27 02:30 - 00276290 _____ C:\Windows\msxml4-KB2758694-deu.LOG

2013-07-27 01:33 - 2013-07-27 01:33 - 00000000 ____D C:\Users\STONED\AppData\Roaming\Avira

2013-07-27 01:26 - 2013-07-27 01:26 - 00001901 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-07-27 01:24 - 2013-07-25 19:26 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-07-27 01:24 - 2013-07-25 19:26 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-07-27 01:24 - 2013-07-25 19:26 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-07-27 01:23 - 2013-07-27 01:26 - 00000000 ____D C:\ProgramData\Avira

2013-07-27 01:23 - 2013-07-27 01:23 - 00000000 ____D C:\Program Files (x86)\Avira

2013-07-25 22:58 - 2013-07-25 22:58 - 00002270 _____ C:\Windows\System32\Tasks\TiltBreaker

2013-07-25 22:58 - 2013-07-25 22:58 - 00001800 _____ C:\Users\Public\Desktop\Configure Tilt Breaker.lnk

2013-07-25 15:20 - 2013-07-25 15:19 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-07-25 15:20 - 2013-07-25 15:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-07-25 15:20 - 2013-07-25 15:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-07-25 15:20 - 2013-07-25 15:19 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
 

==================== One Month Modified Files and Folders =======
 

2013-08-07 14:18 - 2009-06-03 01:42 - 00000000 ____D C:\Users\STONED\AppData\Roaming\Skype

2013-08-07 14:17 - 2012-07-18 11:25 - 00000000 ____D C:\Users\STONED\AppData\Roaming\TS3Client

2013-08-07 10:51 - 2012-07-19 17:54 - 00000000 ____D C:\Users\STONED\AppData\Local\PokerStars.EU

2013-08-07 00:27 - 2013-08-07 00:27 - 00000000 ____D C:\FRST

2013-08-06 19:50 - 2009-06-14 21:36 - 00000000 ____D C:\Users\STONED\AppData\Local\ESL Wire Game Client

2013-08-06 17:25 - 2009-11-26 13:16 - 00000000 ____D C:\Users\STONED\AppData\Local\CrashDumps

2013-08-06 16:52 - 2008-01-21 03:53 - 01403205 _____ C:\Windows\WindowsUpdate.log

2013-08-06 15:06 - 2013-08-06 15:06 - 03097071 _____ C:\Users\STONED\Desktop\FixDotNet20130806130604183.cab

2013-08-06 15:02 - 2013-08-06 15:02 - 01010582 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_LangPack_MSI2657.txt

2013-08-06 15:02 - 2013-08-06 15:01 - 02377334 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_x64_MSI25DA.txt

2013-08-06 15:02 - 2013-08-06 13:42 - 00165048 _____ C:\Users\STONED\AppData\Local\dd_dotnetfx35install_lp.txt

2013-08-06 15:02 - 2013-08-06 13:40 - 00525600 _____ C:\Users\STONED\AppData\Local\dd_dotnetfx35install.txt

2013-08-06 15:02 - 2013-08-06 13:40 - 00519688 _____ C:\Users\STONED\AppData\Local\dd_depcheck_NETFX_EXP_35.txt

2013-08-06 14:48 - 2013-08-06 14:35 - 02621440 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl

2013-08-06 14:48 - 2013-08-06 14:35 - 00393216 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf

2013-08-06 14:48 - 2013-08-06 14:35 - 00065536 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx

2013-08-06 14:48 - 2013-08-06 14:34 - 02621440 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell2.etl

2013-08-06 14:48 - 2013-08-06 14:34 - 00393216 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell2.perf

2013-08-06 14:48 - 2013-08-06 14:34 - 00065536 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell2.dpx

2013-08-06 14:44 - 2012-04-08 12:27 - 00001028 _____ C:\Windows\setupact.log

2013-08-06 14:18 - 2013-08-06 14:18 - 00001900 _____ C:\Users\STONED\Documents\asdf.pfx

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Graphics

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Extended

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Client

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\3082

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\3076

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\2070

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\2052

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1055

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1053

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1049

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1046

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1045

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1044

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1043

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1042

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1041

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1040

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1038

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1037

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1036

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1035

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1033

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1032

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1031

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1030

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1029

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1028

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1025

2013-08-06 13:43 - 2013-08-06 13:43 - 01469446 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_LangPack_MSI69C6.txt

2013-08-06 13:42 - 2013-08-06 13:42 - 00000002 _____ C:\Users\STONED\AppData\Local\dd_dotnetfx35error_lp.txt

2013-08-06 13:42 - 2013-08-06 13:41 - 02430856 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_x64_MSI68E4.txt

2013-08-06 13:40 - 2013-08-06 13:40 - 00000002 _____ C:\Users\STONED\AppData\Local\dd_dotnetfx35error.txt

2013-08-06 13:32 - 2008-01-21 12:46 - 00708232 _____ C:\Windows\system32\perfh007.dat

2013-08-06 13:32 - 2008-01-21 12:46 - 00154838 _____ C:\Windows\system32\perfc007.dat

2013-08-06 13:29 - 2012-04-03 14:44 - 00047417 _____ C:\blitzerr.txt

2013-08-06 13:29 - 2012-04-03 11:02 - 00000000 ____D C:\Users\STONED\AppData\Roaming\HoldemManager

2013-08-06 13:10 - 2008-12-12 23:17 - 01929892 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-06 13:03 - 2010-12-17 12:59 - 00440646 _____ C:\Windows\PFRO.log

2013-08-06 04:19 - 2009-11-28 05:14 - 00000000 ____D C:\Users\STONED\AppData\Roaming\mIRC

2013-08-05 19:34 - 2013-08-02 21:45 - 00000932 _____ C:\speederr.txt

2013-08-05 02:33 - 2009-01-26 20:18 - 00000000 ____D C:\Users\STONED\AppData\Roaming\HLSW

2013-08-04 13:25 - 2012-04-03 11:07 - 00000000 ____D C:\HM2Archive

2013-08-04 04:00 - 2013-08-03 18:09 - 00029995 _____ C:\Users\STONED\Documents\hellosurveillance.odt

2013-08-03 18:09 - 2013-08-03 11:07 - 00015804 _____ C:\Users\STONED\Documents\hellosurveillance.txt

2013-08-03 17:54 - 2013-08-03 17:54 - 00000687 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk

2013-08-03 17:54 - 2013-08-03 17:54 - 00000657 _____ C:\Users\STONED\Desktop\Poker 770.lnk

2013-08-03 17:54 - 2013-08-02 21:43 - 00000000 ____D C:\Poker

2013-08-03 11:38 - 2013-08-01 22:25 - 00012065 _____ C:\Users\STONED\Documents\verschlüsselichnicht_halloueberwachung.txt

2013-08-03 07:04 - 2006-11-02 17:21 - 02190024 _____ C:\Windows\system32\FNTCACHE.DAT

2013-08-02 21:51 - 2013-08-02 21:51 - 00000750 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk

2013-08-02 21:51 - 2013-08-02 21:51 - 00000720 _____ C:\Users\STONED\Desktop\William Hill Poker.lnk

2013-08-02 21:48 - 2013-08-02 21:48 - 00000708 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MansionPoker.lnk

2013-08-02 21:48 - 2013-08-02 21:48 - 00000678 _____ C:\Users\STONED\Desktop\MansionPoker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000701 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Titan Poker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000695 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000671 _____ C:\Users\STONED\Desktop\Titan Poker.lnk

2013-08-02 21:41 - 2010-08-31 01:30 - 00000000 ____D C:\Betfair

2013-08-02 17:00 - 2010-10-17 18:09 - 00183312 _____ (<Turtle Entertainment>) C:\Windows\system32\Drivers\ESLWireACD.sys

2013-08-02 08:51 - 2013-08-02 08:51 - 00000000 ____D C:\Users\STONED\AppData\Local\SCE

2013-08-02 08:45 - 2013-08-02 08:45 - 00000582 _____ C:\Users\STONED\Desktop\PlanetSide 2 PSG.lnk

2013-08-02 08:45 - 2013-08-02 08:45 - 00000582 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk

2013-08-01 20:24 - 2009-01-24 14:01 - 00061080 _____ C:\Users\STONED\AppData\Local\GDIPFONTCACHEV1.DAT

2013-08-01 20:17 - 2013-08-01 20:17 - 00000997 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk

2013-08-01 20:16 - 2009-01-24 18:49 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2013-07-28 21:36 - 2006-11-02 17:40 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-07-28 21:35 - 2006-11-02 17:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-07-28 21:34 - 2012-05-20 00:48 - 00000584 _____ C:\Windows\Tasks\Norton Security Scan for STONED.job

2013-07-28 21:21 - 2012-01-22 01:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-07-28 21:09 - 2012-07-07 13:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-07-28 21:00 - 2009-12-21 17:18 - 00000534 _____ C:\Windows\Tasks\1-Klick-Wartung.job

2013-07-28 20:21 - 2012-01-22 01:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-07-28 18:00 - 2012-05-20 00:48 - 00003566 _____ C:\Windows\System32\Tasks\Norton Security Scan for STONED

2013-07-27 03:53 - 2013-07-27 03:53 - 00000000 ____D C:\ProgramData\ATI

2013-07-27 03:52 - 2011-08-13 04:58 - 00000000 ____D C:\ProgramData\AMD

2013-07-27 03:44 - 2009-01-24 14:47 - 00000000 ___HD C:\Users\STONED\AppData\Local\ATI

2013-07-27 03:44 - 2009-01-24 14:47 - 00000000 ____D C:\Users\STONED\AppData\Roaming\ATI

2013-07-27 03:44 - 2009-01-24 14:01 - 00000000 ____D C:\Users\STONED

2013-07-27 03:43 - 2013-07-27 03:43 - 00000000 ____D C:\Program Files\ATI

2013-07-27 03:25 - 2013-07-27 03:25 - 05292032 _____ C:\Users\postgres\NTUSER.rhk

2013-07-27 03:25 - 2009-01-25 00:31 - 00000000 ____D C:\Users\postgres

2013-07-27 03:01 - 2013-07-27 03:01 - 00000000 ____D C:\Windows\system32\IO

2013-07-27 02:58 - 2013-07-27 02:58 - 00003024 _____ C:\Windows\System32\Tasks\{2C8CF97C-3BF3-4AEA-9F37-7330FDD0B7E4}

2013-07-27 02:58 - 2009-01-24 14:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-07-27 02:53 - 2012-05-11 15:56 - 00000000 ____D C:\Program Files (x86)\RobotSoft

2013-07-27 02:42 - 2012-10-12 16:51 - 00000000 ____D C:\Program Files (x86)\Gaming Mouse

2013-07-27 02:42 - 2012-05-11 14:30 - 00000000 ____D C:\Program Files (x86)\Ghost Mouse Auto Clicker

2013-07-27 02:42 - 2010-04-10 17:33 - 00001298 _____ C:\Users\Public\Desktop\TI Connect.lnk

2013-07-27 02:41 - 2013-07-27 02:41 - 00000000 ____D C:\Users\STONED\Documents\MyTIData

2013-07-27 02:39 - 2009-05-04 18:10 - 00000000 ____D C:\ProgramData\TechSmith

2013-07-27 02:36 - 2011-06-28 22:59 - 00000000 ____D C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCsoft

2013-07-27 02:34 - 2012-05-11 15:56 - 00000000 ____D C:\Users\STONED\Documents\RobotSoft

2013-07-27 02:30 - 2013-07-27 02:30 - 00276290 _____ C:\Windows\msxml4-KB2758694-deu.LOG

2013-07-27 02:30 - 2009-10-14 17:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0

2013-07-27 01:33 - 2013-07-27 01:33 - 00000000 ____D C:\Users\STONED\AppData\Roaming\Avira

2013-07-27 01:31 - 2012-07-21 21:24 - 00000000 ____D C:\Program Files (x86)\Ray Adams

2013-07-27 01:29 - 2010-06-04 15:16 - 00001356 _____ C:\Users\STONED\AppData\Local\d3d9caps.dat

2013-07-27 01:26 - 2013-07-27 01:26 - 00001901 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-07-27 01:26 - 2013-07-27 01:23 - 00000000 ____D C:\ProgramData\Avira

2013-07-27 01:23 - 2013-07-27 01:23 - 00000000 ____D C:\Program Files (x86)\Avira

2013-07-27 01:19 - 2012-05-08 17:55 - 00000000 ____D C:\Program Files (x86)\Tilt Breaker

2013-07-25 23:11 - 2012-04-14 19:31 - 00000000 ____D C:\Users\STONED\AppData\Local\TiltBreaker

2013-07-25 23:03 - 2012-04-03 11:02 - 00000561 _____ C:\Users\Public\Desktop\HoldemManager2.lnk

2013-07-25 23:01 - 2010-07-27 19:38 - 00000000 ____D C:\Users\STONED\AppData\Local\In The Money

2013-07-25 22:58 - 2013-07-25 22:58 - 00002270 _____ C:\Windows\System32\Tasks\TiltBreaker

2013-07-25 22:58 - 2013-07-25 22:58 - 00001800 _____ C:\Users\Public\Desktop\Configure Tilt Breaker.lnk

2013-07-25 19:26 - 2013-07-27 01:24 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-07-25 19:26 - 2013-07-27 01:24 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-07-25 19:26 - 2013-07-27 01:24 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-07-25 16:49 - 2012-10-01 22:18 - 00000727 _____ C:\Users\Public\Desktop\ESL Wire.lnk

2013-07-25 16:49 - 2009-06-14 21:36 - 00000000 ____D C:\Program Files\EslWire

2013-07-25 15:19 - 2013-07-25 15:20 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-07-25 15:19 - 2013-07-25 15:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-07-25 15:19 - 2013-07-25 15:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-07-25 15:19 - 2013-07-25 15:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-07-25 15:19 - 2012-07-14 18:37 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2013-07-25 15:19 - 2011-07-07 13:21 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-07-25 15:19 - 2009-02-03 20:18 - 00000000 ____D C:\Program Files (x86)\Java

2013-07-25 10:17 - 2012-06-11 16:35 - 00012125 _____ C:\Users\STONED\Documents\lebenslauf.odt

2013-07-25 01:09 - 2009-05-14 16:32 - 00000000 ____D C:\Program Files (x86)\PokerStars

2013-07-24 21:09 - 2012-07-07 13:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-07-24 21:09 - 2012-07-07 13:40 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-07-24 21:09 - 2011-06-20 17:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-07-24 20:25 - 2012-01-22 01:37 - 00002025 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-07-24 20:16 - 2012-01-22 01:37 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-07-24 20:16 - 2012-01-22 01:37 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 

Files to move or delete:

====================

C:\Users\STONED\EasyAntiCheat.exe
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-08-07 13:49
 

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2013

Ran by STONED at 2013-08-07 14:19:55

Running from F:\Download

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

4PL-Insight! (x32)

Adobe AIR (x32 Version: 3.1.0.4880)

Adobe Anchor Service CS3 (x32 Version: 1.0)

Adobe Asset Services CS3 (x32 Version: 3)

Adobe Bridge CS3 (x32 Version: 2)

Adobe Bridge Start Meeting (x32 Version: 1.0)

Adobe Camera Raw 4.0 (x32 Version: 4.0)

Adobe CMaps (x32 Version: 1.0)

Adobe Color - Photoshop Specific (x32 Version: 1.0)

Adobe Color Common Settings (x32 Version: 1.0)

Adobe Color EU Extra Settings (x32 Version: 1.0)

Adobe Color JA Extra Settings (x32 Version: 1.0)

Adobe Color NA Recommended Settings (x32 Version: 1.0)

Adobe Default Language CS3 (x32 Version: 1.0)

Adobe Device Central CS3 (x32 Version: 1.0)

Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)

Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)

Adobe Fonts All (x32 Version: 1.0)

Adobe Help Viewer CS3 (x32 Version: 1)

Adobe Linguistics CS3 (x32 Version: 3.0.0)

Adobe PDF Library Files (x32 Version: 8.0)

Adobe Photoshop CS3 (x32 Version: 10)

Adobe Photoshop CS3 (x32 Version: 10.0)

Adobe Reader 9.2 - Deutsch (x32 Version: 9.2.0)

Adobe Setup (x32 Version: 1.0)

Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633)

Adobe Stock Photos CS3 (x32 Version: 1.5)

Adobe Type Support (x32 Version: 1.0)

Adobe Update Manager CS3 (x32 Version: 5.1.0)

Adobe Version Cue CS3 Client (x32 Version: 3)

Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)

Adobe XMP Panels CS3 (x32 Version: 1.0)

Alien Swarm (x32)

AMD APP SDK Runtime (Version: 10.0.937.2)

AMD Catalyst Install Manager (Version: 8.0.877.0)

AMD Fuel (Version: 2011.1205.2215.39827)

AMD Fuel (Version: 2012.1116.1515.27190)

AMD VISION Engine Control Center (x32 Version: 2011.1205.2215.39827)

Ask Toolbar Updater (HKCU Version: 1.2.2.23821)

Auditorium (x32)

Avira Free Antivirus (x32 Version: 13.0.0.3885)

AVM FRITZ!Box USB-Fernanschluss (HKCU Version: 2.2.1.0)

Battlefield Bad Company 2 - BETA (x32 Version: 1.0.0.1)

Battlefield: Bad Company 2 (x32)

Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)

Betfair Poker (x32)

bwin Poker (x32)

Cake Poker (x32)

Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4)

Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32)

Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6)

Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32)

Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7)

Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32)

Camtasia Studio 7 (x32 Version: 7.1.0)

Catalyst Control Center - Branding (x32 Version: 1.00.0000)

Catalyst Control Center (x32 Version: 2012.1116.1515.27190)

Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1205.2215.39827)

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190)

Catalyst Control Center InstallProxy (x32 Version: 2012.0704.122.388)

Catalyst Control Center InstallProxy (x32 Version: 2012.1116.1515.27190)

Catalyst Control Center Localization All (x32 Version: 2011.1205.2215.39827)

Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190)

CCC Help Chinese Standard (x32 Version: 2011.1205.2214.39827)

CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190)

CCC Help Chinese Traditional (x32 Version: 2011.1205.2214.39827)

CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190)

CCC Help Czech (x32 Version: 2011.1205.2214.39827)

CCC Help Czech (x32 Version: 2012.1116.1514.27190)

CCC Help Danish (x32 Version: 2011.1205.2214.39827)

CCC Help Danish (x32 Version: 2012.1116.1514.27190)

CCC Help Dutch (x32 Version: 2011.1205.2214.39827)

CCC Help Dutch (x32 Version: 2012.1116.1514.27190)

CCC Help English (x32 Version: 2011.1205.2214.39827)

CCC Help English (x32 Version: 2012.1116.1514.27190)

CCC Help Finnish (x32 Version: 2011.1205.2214.39827)

CCC Help Finnish (x32 Version: 2012.1116.1514.27190)

CCC Help French (x32 Version: 2011.1205.2214.39827)

CCC Help French (x32 Version: 2012.1116.1514.27190)

CCC Help German (x32 Version: 2011.1205.2214.39827)

CCC Help German (x32 Version: 2012.1116.1514.27190)

CCC Help Greek (x32 Version: 2011.1205.2214.39827)

CCC Help Greek (x32 Version: 2012.1116.1514.27190)

CCC Help Hungarian (x32 Version: 2011.1205.2214.39827)

CCC Help Hungarian (x32 Version: 2012.1116.1514.27190)

CCC Help Italian (x32 Version: 2011.1205.2214.39827)

CCC Help Italian (x32 Version: 2012.1116.1514.27190)

CCC Help Japanese (x32 Version: 2011.1205.2214.39827)

CCC Help Japanese (x32 Version: 2012.1116.1514.27190)

CCC Help Korean (x32 Version: 2011.1205.2214.39827)

CCC Help Korean (x32 Version: 2012.1116.1514.27190)

CCC Help Norwegian (x32 Version: 2011.1205.2214.39827)

CCC Help Norwegian (x32 Version: 2012.1116.1514.27190)

CCC Help Polish (x32 Version: 2011.1205.2214.39827)

CCC Help Polish (x32 Version: 2012.1116.1514.27190)

CCC Help Portuguese (x32 Version: 2011.1205.2214.39827)

CCC Help Portuguese (x32 Version: 2012.1116.1514.27190)

CCC Help Russian (x32 Version: 2011.1205.2214.39827)

CCC Help Russian (x32 Version: 2012.1116.1514.27190)

CCC Help Spanish (x32 Version: 2011.1205.2214.39827)

CCC Help Spanish (x32 Version: 2012.1116.1514.27190)

CCC Help Swedish (x32 Version: 2011.1205.2214.39827)

CCC Help Swedish (x32 Version: 2012.1116.1514.27190)

CCC Help Thai (x32 Version: 2011.1205.2214.39827)

CCC Help Thai (x32 Version: 2012.1116.1514.27190)

CCC Help Turkish (x32 Version: 2011.1205.2214.39827)

CCC Help Turkish (x32 Version: 2012.1116.1514.27190)

ccc-utility64 (Version: 2011.1205.2215.39827)

ccc-utility64 (Version: 2012.1116.1515.27190)

Command and Conquer 4: Tiberian Twilight (x32)

ConvertHelper 2.2 (x32)

Corel Shell Extension - 64Bit (Version: 14.0)

CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2)

CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 (x32 Version: 14.2)

CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.1)

CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32)

Counter-Strike (x32)

Counter-Strike: Global Offensive - SDK (x32)

Counter-Strike: Global Offensive (x32)

Counter-Strike: Source (x32)

Counter-Strike: Source Beta (x32)

Creative Live! Cam Video IM Pro Driver (1.03.02.00)

Day of Defeat: Source (x32)

Dell AIO Printer A920

DH Driver Cleaner Professional Edition (x32 Version: Version 1.5)

Diablo III (x32 Version: 1.0.8.16603)

DivX Setup (x32 Version: 1.0.1.4)

EPSON Scan (x32)

ESL Wire 1.17.2

Fallen Earth (x32)

Fax Solutions

FaxRedist (x32 Version: 1.0.0)

FGCL Anti-Cheat version 1.004 (Version: 1.004)

flatex-Trader (HKCU)

Fraps (remove only) (x32)

GameSpy Comrade (x32 Version: 3.2.16.235)

GetDataBack for NTFS (x32 Version: 4.25.000)

Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000)

Google Chrome (x32 Version: 28.0.1500.72)

Google Update Helper (x32 Version: 1.3.21.153)

grepWin x64 (Version: 1.5.430)

Heroes of Newerth (x32 Version: 1.0.16)

HLSW v1.3.1 (x32)

Holdem Manager (x32 Version: 1.07)

Holdem Manager 2

Holdem Manager 2 (x32)

HTML2TXT 4.1 (x32)

ICM Trainer (x32 Version: 1.0.0)

ICM Trainer Light (x32 Version: 1.1)

ID HWMonitor 1.17

Imperialism II (x32)

IrfanView (remove only) (x32 Version: 4.32)

Java 7 Update 25 (x32 Version: 7.0.250)

Java Auto Updater (x32 Version: 2.1.9.5)

Java(TM) 6 Update 29 (x32 Version: 6.0.290)

Java(TM) 6 Update 30 (64-bit) (Version: 6.0.300)

Java(TM) 6 Update 31 (x32 Version: 6.0.310)

Java(TM) SE Development Kit 6 Update 17 (x32 Version: 1.6.0.170)

JavaFX 2.1.1 (x32 Version: 2.1.1)

JGsoft RegexMagic 1.1.0 (x32 Version: 1.1.0)

join.me (HKCU Version: 1.3.1.429)

Just Great Software RegexBuddy 3 v.3.5.0 (x32 Version: v.3.5.0)

Killing Floor (x32)

League of Legends (x32 Version: 1.02.0000)

Left 4 Dead (x32)

Left 4 Dead 2 (x32)

Madballs in... Babo:Invasion (x32)

MansionPoker (x32)

MetaTrader 4.00 (x32 Version: 4.00)

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)

Microsoft Games for Windows - LIVE  (x32 Version: 2.0.687.0)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 2.0.687.0)

Microsoft Help Viewer 1.0 (Version: 1.0.30319)

Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)

Microsoft SQL Server 2005 (x32)

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.2.3042.00)

Microsoft SQL Server 2012 T-SQL Language Service  (Version: 11.0.2100.60)

Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)

Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)

Microsoft SQL Server Native Client (Version: 9.00.3042.00)

Microsoft SQL Server VSS Writer (Version: 9.00.3042.00)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319)

Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319)

mIRC (HKCU Version: 7.19)

Moon Breakers (x32)

Mozilla Firefox (3.0.19) (x32 Version: 3.0.19 (de))

Mozilla Firefox (3.6.10) (x32 Version: 3.6.10 (de))

Mozilla Firefox (3.6.11) (x32 Version: 3.6.11 (de))

Mozilla Firefox (3.6.12) (x32 Version: 3.6.12 (de))

Mozilla Firefox (3.6.13) (x32 Version: 3.6.13 (de))

Mozilla Firefox (3.6.14) (x32 Version: 3.6.14 (de))

Mozilla Firefox (3.6.15) (x32 Version: 3.6.15 (de))

Mozilla Firefox (3.6.16) (x32 Version: 3.6.16 (de))

Mozilla Firefox (3.6.17) (x32 Version: 3.6.17 (de))

Mozilla Firefox (3.6.6) (x32 Version: 3.6.6 (de))

Mozilla Firefox (3.6.7) (x32 Version: 3.6.7 (de))

Mozilla Firefox (3.6.8) (x32 Version: 3.6.8 (de))

Mozilla Firefox (3.6.9) (x32 Version: 3.6.9 (de))

Mozilla Firefox 4.0.1 (x86 de) (x32 Version: 4.0.1)

Mozilla Firefox 5.0 (x86 de) (x32 Version: 5.0)

Mozilla Firefox 6.0 (x86 de) (x32 Version: 6.0)

Mozilla Firefox 6.0.1 (x86 de) (x32 Version: 6.0.1)

Mozilla Firefox 6.0.2 (x86 de) (x32 Version: 6.0.2)

Mozilla Firefox 7.0.1 (x86 de) (x32 Version: 7.0.1)

Mozilla Firefox 9.0.1 (x86 de) (x32 Version: 9.0.1)

Mozilla Thunderbird (3.1) (x32 Version: 3.1 (de))

Mozilla Thunderbird (3.1.1) (x32 Version: 3.1.1 (de))

Mozilla Thunderbird (3.1.2) (x32 Version: 3.1.2 (de))

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 and SOAP Toolkit 3.0 (x32 Version: 1.0.0.0)

MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)

Mumble and Murmur (x32 Version: 1.1.8)

MySQL Connector/ODBC 5.1 (Version: 5.1.11)

MySQL Server 5.5 (Version: 5.5.24)

NetLimiter 2 Monitor (remove only) (x32)

Nightly 15.0a1 (x64 en-US) (Version: 15.0a1)

Norton Internet Security (x32 Version: 17.9.0.12)

Norton Security Scan (x32 Version: 2.3.0.44)

NoteCaddy (x32 Version: 1.0.5)

Nvu 1.0 (x32 Version: 1.0)

O&O UnErase (Version: 6.0.1857)

Octoshape Streaming Services (HKCU)

OpenOffice.org 3.0 (x32 Version: 3.0.9358)

p.i.c.s. Rätsel-Generator (x32)

Pacific Poker (x32)

Patrician IV: Steam Special Edition (x32)

PDF Settings (x32 Version: 1.0)

PDF24 Creator 4.6.0 (x32)

PlanetSide 2 (HKCU Version: 1.0.3.183)

Poker 770 (x32)

Poker Evolution Equilab (HKCU)

Pokerazor 1.36 (x32 Version: 1.36)

PokerStars (x32)

PokerStrategy Equilator (x32 Version: 1.7)

PokerStrategy.com Elephant (x32 Version: 0.90.30913.03)

PokerStrategy.com Equilab (x32 Version: 1.2.6.0)

Portal 2 (x32)

PostgreSQL 8.3 (x32 Version: 8.3)

QuoteCompiler (HKCU Version: 1.0.1.16)

QuoteCompiler CFD (HKCU Version: 0.0.0.26)

Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (x32 Version: 1.00.0000)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.5772)

SeaMonkey (2.9) (x32 Version: 2.9 (de))

Security Task Manager 1.7f (x32 Version: 1.7f)

Serious Sam 3: BFE (x32)

Serious Sam HD: The First Encounter (x32)

Serious Sam: The Second Encounter (x32)

SitNGo Wizard (x32)

Skype™ 5.8 (x32 Version: 5.8.158)

Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0)

Spybot - Search & Destroy (x32 Version: 1.6.2)

StarCraft II (x32 Version: 1.3.6.19269)

Steam (x32 Version: 1.0.0.0)

StudNET Login Client (x32 Version: 4.1)

swMSM (x32 Version: 12.0.0.1)

TableNinja (x32 Version: 1.2.126)

TableNinja (x32 Version: 1.2.128)

Talkative IRC 0.4.4.16 (x32)

Taskbar Shuffle 64-bit version 2.5 (Version: 2.5)

Team Fortress 2 (x32)

TeamSpeak 3 Client (HKCU Version: 3.0.11.1)

TeamViewer 8 (x32 Version: 8.0.19617)

The Guild II - Pirates of the European Seas (x32)

The Guild II (x32)

TI Connect 1.6 (x32 Version: 1.6.0)

Tilt Breaker (x32)

Titan Poker (x32)

TmNationsForever (x32)

TuneUp Utilities 2009 (x32 Version: 8.0.3310.3)

Tunngle beta (x32)

Ultra Document To Text Converter 2.0 (x32)

Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (x32 Version: 9.00.3042.00)

URL Snooper v2.30.01 (x32)

VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0)

Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69)

Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69)

Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69)

VLC media player 0.9.8a (x32 Version: 0.9.8a)

William Hill Poker (x32)

WinAutomation (Version: 3.1.6.676)

WinAutomation (x32)

Windosill (x32)

WinPcap 4.1.2 (x32 Version: 4.1.0.2001)

WinRAR (x32)

WinZip 12.1 (x32 Version: 12.1.8519)

Wise Registry Cleaner 7.52 (x32)

WM Recorder 14 (x32 Version: 14.0)

X-ray Anti-Cheat (x32 Version: 1.5.500)

Xvid 1.2.2 final uninstall (x32 Version: 1.2)

YAWLE 0.5b (x32)

Yontoo 1.10.02 (Version: 1.10.02)
 

==================== Restore Points  =========================
 
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {08F2CA14-1E39-4A42-A17C-35880D34C80E} - System32\Tasks\Symantec\Symantec Error Analyzer 17.9.0.12 => C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe [2011-09-20] (Symantec Corporation)

Task: {2E2CD212-4815-4A39-BEBE-D24E6DF73041} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)

Task: {44C307AF-BFB2-4477-99A0-799EFFF84CAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-22] (Google Inc.)

Task: {487AD553-FBC3-481D-8437-F607AC6A32A6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe No File

Task: {598E05CF-DA93-4C03-AECC-FF464B88A7C9} - System32\Tasks\1-Klick-Wartung => C:\Program Files (x86)\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16] (TuneUp Software GmbH)

Task: {5A90BA10-B9A7-40F6-B0D8-A9AB197800FB} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)

Task: {5BCFA926-77CB-4BDE-AA90-99718BBBC7CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-22] (Google Inc.)

Task: {6B39F061-33C3-48CB-9D7F-53ABA0D3C4E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-24] (Adobe Systems Incorporated)

Task: {70266ED4-E4B0-4F72-8C78-658DB551FDB8} - System32\Tasks\{C8FE5F23-0DDE-4934-BC5F-92EC3D7E8F7E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29] (Skype Technologies S.A.)

Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {96AEFDB3-0EB1-4382-A564-85A711F1876A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)

Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {C0B38178-CA76-4475-90EB-B2F41221156B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {C184AC88-BE2D-4400-8DAD-0335DC0C1DA1} - System32\Tasks\TiltBreaker => C:\Program Files (x86)\Tilt Breaker\rundll32.exe [2013-06-14] ()

Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {D1849F70-8D65-4263-957C-27FD3AAE933A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)

Task: {D7C21D44-80DC-4F5C-AE72-8A6F1B379122} - System32\Tasks\Symantec\Symantec Error Processor 17.9.0.12 => C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe [2011-09-20] (Symantec Corporation)

Task: {EF6BBEFD-CFFC-4064-8483-25B1D1E140A2} - System32\Tasks\Norton Security Scan for STONED => C:\Program Files (x86)\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2012-05-20] (Symantec Corporation)

Task: C:\Windows\Tasks\1-Klick-Wartung.job => C:\Program Files (x86)\TuneUp Utilities 2009\OneClickStarter.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\Norton Security Scan for STONED.job => C:\Program Files (x86)\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/06/2013 05:25:33 PM) (Source: Application Error) (User: )

Description: Fehlerhafte Anwendung TeamViewer.exe, Version 8.0.19617.0, Zeitstempel 0x51da9d5b, fehlerhaftes Modul TeamViewer.exe, Version 8.0.19617.0, Zeitstempel 0x51da9d5b, Ausnahmecode 0xc0000409, Fehleroffset 0x007478ac,

Prozess-ID 0x1924, Anwendungsstartzeit TeamViewer.exe0.
 

Error: (08/06/2013 03:05:34 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:05:34 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:03:45 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:03:42 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:02:29 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:02:29 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 02:59:02 PM) (Source: Windows Search Service) (User: )

Description: Eintrag <C:\CONFIG.MSI\4AF0C5.RBS> in der Hash-Zuordnung kann nicht aktualisiert werden.
 

Kontext:  Anwendung, SystemIndex Katalog
 
 

Details:

        Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
 

Error: (08/06/2013 02:58:52 PM) (Source: Windows Search Service) (User: )

Description: Eintrag <C:\CONFIG.MSI\4AF0C5.RBS> in der Hash-Zuordnung kann nicht aktualisiert werden.
 

Kontext:  Anwendung, SystemIndex Katalog
 
 

Details:

        Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
 

Error: (08/06/2013 02:55:36 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 
 

System errors:

=============

Error: (08/06/2013 01:38:39 PM) (Source: Service Control Manager) (User: )

Description: AODDriver4.1%%2
 

Error: (08/06/2013 01:38:39 PM) (Source: Service Control Manager) (User: )

Description: atitray

i8042prt

vflt
 

Error: (08/06/2013 01:38:39 PM) (Source: Service Control Manager) (User: )

Description: AODDriver4.1%%2
 

Error: (08/06/2013 01:38:33 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (08/06/2013 01:37:00 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)

Description: 
 

Error: (08/06/2013 01:05:04 PM) (Source: Service Control Manager) (User: )

Description: AODDriver4.1%%2
 

Error: (08/06/2013 01:05:04 PM) (Source: Service Control Manager) (User: )

Description: atitray

vflt
 

Error: (08/06/2013 01:05:04 PM) (Source: Service Control Manager) (User: )

Description: AODDriver4.1%%2
 

Error: (08/06/2013 01:04:57 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (08/06/2013 01:03:22 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)

Description: 
 
 

Microsoft Office Sessions:

=========================

Error: (08/06/2013 05:25:33 PM) (Source: Application Error)(User: )

Description: TeamViewer.exe8.0.19617.051da9d5bTeamViewer.exe8.0.19617.051da9d5bc0000409007478ac192401ce92b919c255da
 

Error: (08/06/2013 03:05:34 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:05:34 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:03:45 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:03:42 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:02:29 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 03:02:29 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/06/2013 02:59:02 PM) (Source: Windows Search Service)(User: )

Description: Kontext:  Anwendung, SystemIndex Katalog
 
 

Details:

        Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

C:\CONFIG.MSI\4AF0C5.RBS
 

Error: (08/06/2013 02:58:52 PM) (Source: Windows Search Service)(User: )

Description: Kontext:  Anwendung, SystemIndex Katalog
 
 

Details:

        Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

C:\CONFIG.MSI\4AF0C5.RBS
 

Error: (08/06/2013 02:55:36 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 
 

CodeIntegrity Errors:

===================================

  Date: 2013-08-07 14:19:25.783

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:25.747

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:25.707

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:25.672

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:17.248

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:17.182

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:17.142

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:17.103

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:17.064

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-08-07 14:19:17.020

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 47%

Total physical RAM: 4094.38 MB

Available physical RAM: 2161.88 MB

Total Pagefile: 8407.26 MB

Available Pagefile: 4541.43 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:59.06 GB) (Free:3.49 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]

Drive d: (Games) (Fixed) (Total:196.29 GB) (Free:11.75 GB) NTFS (Disk=0 Partition=2)

Drive e: (Programme) (Fixed) (Total:78.12 GB) (Free:27.82 GB) NTFS (Disk=0 Partition=3)

Drive f: (Multimedia) (Fixed) (Total:262.7 GB) (Free:20.91 GB) NTFS (Disk=0 Partition=4)
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 6201F2D7)

Partition 1: (Active) - (Size=59 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=196 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=78 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=263 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

ok. log is hier

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013

Ran by STONED (administrator) on 09-08-2013 12:38:01

Running from F:\Download

Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard

Internet Explorer Version 7

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(AMD) C:\Windows\system32\atiesrxx.exe

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe

(AMD) C:\Windows\system32\atieclxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe

(Microsoft Corporation) C:\Windows\ehome\ehsched.exe

() C:\Program Files\EslWire\service\WireHelperSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\pg_ctl.exe

() C:\Program Files (x86)\Tilt Breaker\rundll32.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(PostgreSQL Global Development Group) F:\psostgresql\bin\postgres.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe

(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe

() C:\Program Files (x86)\Tilt Breaker\rundll32.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor)

HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.)

HKLM\...\Run: [C:\Windows\system32\V0230Ext.ax] - C:\Windows\system32\RegSvr32.exe [15872 2006-11-02] (Microsoft Corporation)

MountPoints2: {9969b1b5-c853-11de-8f08-00ff01000001} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL davID.exE

MountPoints2: {b1982cd1-06f7-11e0-a653-00ff01000001} - J:\AutoRun.exe

MountPoints2: {b48894f6-ec02-11df-9894-00ff01000001} - J:\AutoRun.exe

MountPoints2: {c065ebb4-06c5-11e0-a3c5-00ff01000001} - J:\AutoRun.exe

MountPoints2: {e2f14103-eb4d-11df-aaaa-806e6f6e6963} - K:\AutoRun.exe

MountPoints2: {e2f14152-eb4d-11df-aaaa-00ff01000001} - J:\AutoRun.exe

MountPoints2: {eee556b6-4fa0-11de-bd47-001966902c46} - J:\Autorun.exe

HKLM-x32\...\Run: [C:\Windows\SysWOW64\V0230Ext.ax] - C:\Windows\system32\RegSvr32.exe [15872 2006-11-02] (Microsoft Corporation)

HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-25] (Avira Operations GmbH & Co. KG)

HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)

HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)

SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Corporation)

SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.orbitdownloader.com

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKCU - DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60341

SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)

BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File

DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: HKLM-x32 {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://www.fiaa.eu/OPLauncher.cab

DPF: HKLM-x32 {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} 

DPF: HKLM-x32 {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab

Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)

Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
 

Hosts: Hosts file not detected in the default directory

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default

FF user.js: detected! => C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\user.js

FF Homepage: startpage.com

FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.2&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @comrade.gamespy.com/comrade - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\STONED\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)

FF SearchPlugin: C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\searchplugins\find-flash-in-web.xml

FF SearchPlugin: C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\searchplugins\searchplugins-backup

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

FF Extension: Battlefield Heroes Updater - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\battlefieldheroespatcher@ea.com

FF Extension: SpeedFox - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\jid1-uabu5A9hduqzCw@jetpack

FF Extension: Yontoo - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\plugin@yontoo.com

FF Extension: EPUBReader - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}

FF Extension: DownloadHelper - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF Extension: FoxLingo - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{29852C08-1E91-4889-A6BF-C77F91D6A8F3}.xpi

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{bb117431-63c1-4a4d-8e4e-47f02268b2c6}.xpi

FF Extension: No Name - C:\Users\STONED\AppData\Roaming\Mozilla\Firefox\Profiles\3p9fnzjg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\

FF Extension: Norton IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6

FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (Octoshape Streaming Services) - C:\Users\STONED\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)

CHR Plugin: (Octoshape Streaming Services) - C:\Users\STONED\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)

CHR Plugin: (Adobe Acrobat) - E:\Adobe Reader\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - E:\Mozilla Firefox\plugins\npdeployJava1.dll No File

CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (NPOP7Plugin) - E:\Mozilla Firefox\plugins\NPOP7PlugIn.dll (AB)

CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

CHR Plugin: (Comrade Plugin) - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Pay-Per-Frag Game Launcher) - C:\Program Files (x86)\payperfrag\Pay-per-frag\NPPayPerFragPlugin.dll No File

CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll No File

CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
 

==================== Services (Whitelisted) =================
 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-25] (Avira Operations GmbH & Co. KG)

S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-25] (Avira Operations GmbH & Co. KG)

S4 Apache2.4; c:\apache\Apache24\bin\httpd.exe [24576 2012-04-10] (Apache Software Foundation)

S4 dlbk_device; C:\Windows\system32\dlbkcoms.exe [567280 2007-03-28] ( )

R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()

R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)

S4 nlsvc; E:\NetLimiter 2 Monitor\nlsvc.exe [817152 2010-03-25] (Locktime Software)

S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4330168 2011-05-11] (INCA Internet Co., Ltd.)

R2 pgsql-8.3; F:\psostgresql\bin\pg_ctl.exe [65536 2009-03-13] (PostgreSQL Global Development Group)

R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-11-07] ()

S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)

S4 SBSDWSCService; E:\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

S4 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [506696 2009-12-21] (TuneUp Software)

S4 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [842056 2009-12-21] (TuneUp Software)

S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [736104 2012-06-01] (Tunngle.net GmbH)

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [427008 2010-04-21] (Microsoft Corporation)

S4 WinAutomation Service; E:\WinAutomation\WinAutomation.ServiceAgent.exe [167936 2011-09-18] (Softomotive)

S3 Apache2.2; "c:\xampp\apache\bin\httpd.exe" -k runservice [x]
 

==================== Drivers (Whitelisted) ====================
 

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-07-20] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-25] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-25] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-07-25] (Avira Operations GmbH & Co. KG)

R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-04-30] (AVM Berlin)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-07-02] (AVM Berlin)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [1385632 2012-10-05] (Symantec Corporation)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [1385632 2012-10-05] (Symantec Corporation)

R1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-04] (Symantec Corporation)

R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-10-25] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-10-25] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-11-08] (Symantec Corporation)

S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2009-12-03] (Turtle Entertainment GmbH)

R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [183312 2013-08-02] (<Turtle Entertainment>)

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20121109.001\IDSvia64.sys [513184 2012-11-09] (Symantec Corporation)

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20121109.001\IDSvia64.sys [513184 2012-11-09] (Symantec Corporation)

S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-21] (Microsoft Corporation)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-07-20] ()

S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121111.008\ENG64.SYS [126112 2012-11-08] (Symantec Corporation)

S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121111.008\ENG64.SYS [126112 2012-11-08] (Symantec Corporation)

S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121111.008\EX64.SYS [2084000 2012-11-08] (Symantec Corporation)

S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121111.008\EX64.SYS [2084000 2012-11-08] (Symantec Corporation)

R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89224 2010-03-25] (Locktime Software)

R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89224 2010-03-25] (Locktime Software)

R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)

S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)

S3 Protector; C:\Windows\system32\drivers\Protector.sys [34200 2010-07-05] (PlayAll GmbH)

S3 Protector; C:\Windows\system32\drivers\Protector.sys [34200 2010-07-05] (PlayAll GmbH)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2009-06-02] ()

S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-22] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-22] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-11-06] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-22] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2009-12-22] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-29] (Symantec Corporation)

R1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-22] (Symantec Corporation)

R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

S3 V0230Vfx; C:\Windows\System32\DRIVERS\V0230Vfx.sys [10752 2006-05-05] (EyePower Games Pte. Ltd.)

S3 V0230VID; C:\Windows\System32\DRIVERS\V0230VID.sys [595488 2007-08-07] (Creative Technology Ltd.)

S3 ALSysIO; \??\C:\Users\STONED\AppData\Local\Temp\ALSysIO64.sys [x]

S1 atitray; \??\C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys [x]

S3 dump_wmimmc; \??\D:\FlyFF\GameGuard\dump_wmimmc.sys [x]

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]

S3 IpInIp; system32\DRIVERS\ipinip.sys [x]

S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

S3 UCOREW64; \??\C:\Users\STONED\Desktop\UCOREW64.SYS [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-09 04:04 - 2010-06-28 19:21 - 01915904 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2013-08-09 04:04 - 2010-06-28 19:00 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2013-08-09 04:02 - 2009-12-04 20:52 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll

2013-08-09 04:02 - 2009-12-04 20:50 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll

2013-08-09 04:02 - 2009-12-04 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll

2013-08-09 04:02 - 2009-12-04 20:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll

2013-08-09 04:02 - 2009-12-04 20:49 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll

2013-08-09 04:02 - 2009-12-04 20:30 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll

2013-08-09 04:02 - 2009-12-04 20:28 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll

2013-08-09 04:02 - 2009-12-04 20:28 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll

2013-08-09 04:02 - 2009-12-04 20:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll

2013-08-09 04:02 - 2009-12-04 20:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll

2013-08-09 04:02 - 2009-12-04 20:28 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll

2013-08-09 04:02 - 2009-12-04 20:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll

2013-08-09 04:02 - 2009-12-04 20:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll

2013-08-09 04:00 - 2012-05-01 16:29 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2013-08-09 03:59 - 2010-08-31 17:46 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll

2013-08-09 03:59 - 2010-08-31 17:46 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll

2013-08-09 03:58 - 2012-09-25 18:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll

2013-08-09 03:58 - 2012-09-25 18:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll

2013-08-09 03:56 - 2011-12-14 18:38 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll

2013-08-09 03:56 - 2011-12-14 18:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll

2013-08-09 03:55 - 2013-03-03 21:13 - 01513320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2013-08-09 03:51 - 2011-02-18 16:18 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2013-08-09 03:46 - 2010-02-18 15:49 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2013-08-09 03:46 - 2010-02-18 13:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys

2013-08-09 03:43 - 2009-08-10 14:47 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll

2013-08-09 03:43 - 2009-08-10 14:35 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll

2013-08-09 03:42 - 2012-01-09 18:16 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll

2013-08-09 03:42 - 2012-01-09 17:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll

2013-08-09 03:40 - 2013-04-24 06:09 - 01269248 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2013-08-09 03:40 - 2013-04-24 06:09 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2013-08-09 03:40 - 2013-04-24 06:09 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2013-08-09 03:40 - 2013-04-24 06:09 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2013-08-09 03:40 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-08-09 03:40 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2013-08-09 03:40 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2013-08-09 03:40 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2013-08-09 03:40 - 2013-04-24 04:10 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2013-08-09 03:40 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2013-08-09 03:37 - 2013-06-04 06:19 - 01176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-08-09 03:37 - 2013-06-04 06:19 - 01032192 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-08-09 03:37 - 2013-06-04 06:19 - 00834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-08-09 03:37 - 2013-06-04 06:19 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-08-09 03:37 - 2013-06-04 06:18 - 03625472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-08-09 03:37 - 2013-06-04 06:18 - 01428992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-08-09 03:37 - 2013-06-04 06:18 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll

2013-08-09 03:37 - 2013-06-04 06:18 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-08-09 03:37 - 2013-06-04 06:18 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 07050752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 06118400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 05730304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-08-09 03:37 - 2013-06-04 06:17 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-08-09 03:37 - 2013-06-04 04:55 - 00485376 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-08-09 03:37 - 2013-06-04 04:32 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-08-09 03:37 - 2013-06-04 04:18 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-08-09 03:37 - 2013-06-04 04:04 - 01383424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-08-09 03:36 - 2012-02-01 17:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll

2013-08-09 03:32 - 2010-06-18 19:48 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll

2013-08-09 03:32 - 2010-06-18 19:31 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll

2013-08-09 03:32 - 2010-04-05 19:33 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL

2013-08-09 03:32 - 2010-04-05 19:02 - 00317952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL

2013-08-09 03:30 - 2011-02-12 07:38 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe

2013-08-09 03:30 - 2010-08-17 16:54 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe

2013-08-09 03:30 - 2010-05-27 22:08 - 00081920 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll

2013-08-09 03:29 - 2011-11-18 22:55 - 01585152 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2013-08-09 03:29 - 2011-11-18 22:55 - 01167984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2013-08-09 03:29 - 2011-08-25 18:20 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll

2013-08-09 03:29 - 2011-08-25 18:19 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2013-08-09 03:29 - 2011-08-25 18:19 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll

2013-08-09 03:29 - 2011-08-25 18:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll

2013-08-09 03:29 - 2011-08-25 18:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2013-08-09 03:29 - 2011-08-25 18:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll

2013-08-09 03:29 - 2011-08-25 15:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll

2013-08-09 03:29 - 2011-08-25 15:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaccrc.dll

2013-08-09 03:28 - 2013-04-15 16:17 - 00901496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-08-09 03:28 - 2013-04-13 05:34 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2013-08-09 03:28 - 2011-11-16 18:43 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll

2013-08-09 03:28 - 2011-11-16 18:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll

2013-08-09 03:28 - 2011-04-29 15:41 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2013-08-09 03:28 - 2011-04-29 15:40 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2013-08-09 03:27 - 2011-10-14 19:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll

2013-08-09 03:27 - 2011-10-14 19:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mcicda.dll

2013-08-09 03:27 - 2011-10-14 19:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mciwave.dll

2013-08-09 03:27 - 2011-10-14 19:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll

2013-08-09 03:27 - 2011-10-14 18:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll

2013-08-09 03:27 - 2011-10-14 18:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciseq.dll

2013-08-09 03:27 - 2011-07-06 17:49 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2013-08-09 03:27 - 2011-04-29 15:39 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2013-08-09 03:27 - 2011-04-29 15:39 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2013-08-09 03:26 - 2012-08-24 18:07 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2013-08-09 03:26 - 2012-08-24 17:53 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2013-08-09 03:25 - 2012-08-21 13:50 - 00267648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys

2013-08-09 03:16 - 2013-08-09 05:30 - 00005616 _____ C:\Windows\iis7.log

2013-08-09 03:14 - 2013-08-09 03:14 - 00004262 _____ C:\Windows\PFRO.log

2013-08-09 01:55 - 2010-05-04 21:40 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll

2013-08-09 01:55 - 2010-05-04 21:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshsq.dll

2013-08-09 01:54 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-08-09 01:54 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2013-08-09 01:39 - 2010-04-05 19:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll

2013-08-09 01:39 - 2010-04-05 19:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll

2013-08-09 01:38 - 2012-11-20 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2013-08-09 01:38 - 2012-11-20 06:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2013-08-09 01:38 - 2010-08-26 19:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll

2013-08-09 01:38 - 2010-08-26 18:37 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll

2013-08-09 01:37 - 2011-10-25 18:13 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2013-08-09 01:37 - 2011-10-25 17:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2013-08-09 01:37 - 2010-08-31 19:27 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2013-08-09 01:37 - 2010-08-31 17:44 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2013-08-09 01:36 - 2012-09-28 18:34 - 01210368 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2013-08-09 01:36 - 2012-09-28 18:13 - 00860160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2013-08-09 01:35 - 2009-10-07 14:20 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll

2013-08-09 01:35 - 2009-10-07 13:36 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll

2013-08-08 23:19 - 2010-12-28 18:08 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll

2013-08-08 23:19 - 2010-12-28 17:55 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll

2013-08-08 23:18 - 2011-10-14 19:30 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2013-08-08 23:18 - 2011-10-14 18:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll

2013-08-08 23:18 - 2011-01-21 18:50 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll

2013-08-08 23:18 - 2011-01-21 18:35 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll

2013-08-08 23:14 - 2010-02-21 01:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll

2013-08-08 23:14 - 2010-02-21 01:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll

2013-08-08 23:14 - 2010-02-21 01:07 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll

2013-08-08 23:14 - 2010-02-21 01:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll

2013-08-08 23:14 - 2010-02-21 01:05 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll

2013-08-08 23:14 - 2010-02-21 01:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll

2013-08-08 23:14 - 2010-02-21 01:05 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll

2013-08-08 23:14 - 2010-02-21 01:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll

2013-08-08 23:14 - 2010-02-21 01:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll

2013-08-08 23:14 - 2010-02-20 23:30 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys

2013-08-08 23:14 - 2010-02-20 23:05 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe

2013-08-08 23:14 - 2009-11-09 15:03 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll

2013-08-08 23:14 - 2009-11-09 14:59 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll

2013-08-08 23:14 - 2009-11-09 14:59 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll

2013-08-08 23:14 - 2009-11-09 14:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll

2013-08-08 23:14 - 2009-11-09 14:58 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll

2013-08-08 23:14 - 2009-11-09 13:19 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe

2013-08-08 23:12 - 2010-09-13 18:13 - 13426688 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2013-08-08 23:12 - 2010-09-13 17:46 - 10627072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2013-08-08 23:12 - 2010-09-13 16:32 - 08147968 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2013-08-08 23:12 - 2010-09-13 15:56 - 08147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2013-08-08 23:11 - 2013-03-11 15:33 - 04691304 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-08-08 23:11 - 2013-03-09 06:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2013-08-08 23:11 - 2013-03-09 03:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2013-08-08 23:11 - 2011-02-24 18:37 - 01076608 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2013-08-08 23:11 - 2011-02-24 18:37 - 00020864 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll

2013-08-08 23:11 - 2011-02-24 18:37 - 00018816 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll

2013-08-08 23:11 - 2011-02-24 18:37 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll

2013-08-08 23:10 - 2011-02-24 18:38 - 00991104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2013-08-08 23:10 - 2011-02-24 18:38 - 00979840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2013-08-08 23:10 - 2011-02-24 18:37 - 01063296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2013-08-08 23:10 - 2010-10-18 17:35 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2013-08-08 23:07 - 2013-02-12 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2013-08-08 23:07 - 2010-02-24 11:26 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe

2013-08-08 23:06 - 2010-12-17 17:41 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2013-08-08 23:06 - 2010-12-17 15:54 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2013-08-08 23:05 - 2009-07-10 13:51 - 00302080 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll

2013-08-08 23:05 - 2009-07-10 13:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll

2013-08-08 23:04 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-08-08 23:04 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-08-08 23:04 - 2012-06-04 17:29 - 00516480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2013-08-08 23:04 - 2012-06-02 02:22 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2013-08-08 23:04 - 2012-06-02 02:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2013-08-08 23:04 - 2012-06-02 02:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2013-08-08 23:04 - 2011-11-16 18:42 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2013-08-08 23:04 - 2011-11-16 18:41 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2013-08-08 23:04 - 2011-11-16 16:34 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2013-08-08 23:03 - 2011-02-16 18:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-08-08 23:03 - 2011-02-16 18:40 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-08-08 23:03 - 2011-02-16 18:21 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-08-08 23:03 - 2011-02-16 18:18 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-08-08 23:03 - 2010-01-13 19:49 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll

2013-08-08 23:03 - 2010-01-13 19:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll

2013-08-08 23:02 - 2011-02-18 16:16 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys

2013-08-08 23:02 - 2010-12-29 21:01 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll

2013-08-08 23:02 - 2010-12-29 21:01 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll

2013-08-08 23:02 - 2010-12-29 20:59 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax

2013-08-08 23:02 - 2010-12-29 20:28 - 00322560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll

2013-08-08 23:02 - 2010-12-29 20:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbeio.dll

2013-08-08 23:02 - 2010-12-29 20:26 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax

2013-08-08 23:00 - 2013-05-08 06:50 - 01423720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-08-08 23:00 - 2012-11-02 12:47 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2013-08-08 23:00 - 2012-11-02 12:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2013-08-08 23:00 - 2012-11-02 12:19 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2013-08-08 23:00 - 2012-01-03 16:25 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2013-08-08 23:00 - 2009-12-08 19:55 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2013-08-08 22:59 - 2012-11-02 12:47 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2013-08-08 22:59 - 2010-09-06 20:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll

2013-08-08 22:59 - 2010-09-06 20:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll

2013-08-08 22:59 - 2010-09-06 20:27 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll

2013-08-08 22:59 - 2010-09-06 18:20 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll

2013-08-08 22:59 - 2010-09-06 18:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll

2013-08-08 22:58 - 2011-04-14 17:14 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys

2013-08-08 22:57 - 2012-05-11 18:34 - 00788480 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2013-08-08 22:57 - 2012-05-11 17:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll

2013-08-08 22:56 - 2012-06-29 18:20 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll

2013-08-08 22:56 - 2012-06-29 18:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll

2013-08-08 22:56 - 2011-05-02 19:16 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2013-08-08 22:56 - 2011-05-02 19:13 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2013-08-08 22:55 - 2013-03-08 06:18 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2013-08-08 22:55 - 2012-02-29 17:37 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll

2013-08-08 22:55 - 2012-02-29 17:35 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2013-08-08 22:55 - 2012-02-29 17:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll

2013-08-08 22:55 - 2012-02-29 17:09 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2013-08-08 22:55 - 2012-02-29 15:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys

2013-08-08 22:54 - 2012-11-08 06:26 - 01570816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2013-08-08 22:54 - 2012-11-08 05:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2013-08-08 22:54 - 2010-12-14 18:15 - 01251840 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe

2013-08-08 22:52 - 2011-11-18 20:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2013-08-08 22:52 - 2011-11-18 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2013-08-08 22:52 - 2010-01-21 17:37 - 00072192 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm

2013-08-08 22:52 - 2010-01-21 17:05 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm

2013-08-08 22:52 - 2009-04-11 09:09 - 00181760 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm

2013-08-08 22:52 - 2009-04-11 08:27 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codecp.acm

2013-08-08 22:51 - 2010-04-16 19:07 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2013-08-08 22:51 - 2010-04-16 18:46 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2013-08-08 22:50 - 2012-03-21 01:34 - 00072576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys

2013-08-08 22:46 - 2013-03-08 06:17 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2013-08-08 22:46 - 2013-03-08 05:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2013-08-08 22:45 - 2011-03-10 19:18 - 01398784 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll

2013-08-08 22:45 - 2011-03-10 19:18 - 01360384 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll

2013-08-08 22:45 - 2011-03-10 19:03 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll

2013-08-08 22:45 - 2011-03-10 19:03 - 01136640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll

2013-08-08 22:41 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-08-08 22:40 - 2011-07-29 18:08 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2013-08-08 22:40 - 2011-07-29 18:08 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2013-08-08 22:40 - 2011-07-29 18:06 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax

2013-08-08 22:40 - 2011-07-29 18:06 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax

2013-08-08 22:40 - 2011-07-29 18:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll

2013-08-08 22:40 - 2011-07-29 18:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax

2013-08-08 22:40 - 2011-07-29 18:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax

2013-08-08 22:40 - 2011-07-29 18:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax

2013-08-08 22:39 - 2013-05-02 06:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2013-08-08 22:39 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2013-08-08 22:39 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll

2013-08-08 22:38 - 2010-08-20 18:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll

2013-08-08 22:38 - 2010-08-20 18:05 - 00867328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll

2013-08-08 22:37 - 2011-03-02 18:12 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

2013-08-08 22:37 - 2011-03-02 18:12 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll

2013-08-08 22:37 - 2011-03-02 17:44 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll

2013-08-08 22:37 - 2009-05-04 12:21 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe

2013-08-08 22:37 - 2009-05-04 11:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe

2013-08-08 22:36 - 2010-11-06 13:18 - 00855040 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll

2013-08-08 22:36 - 2010-11-06 13:18 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll

2013-08-08 22:36 - 2010-11-06 13:18 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll

2013-08-08 22:36 - 2010-11-06 13:18 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll

2013-08-08 22:36 - 2010-11-05 01:58 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe

2013-08-08 22:36 - 2010-11-04 20:55 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll

2013-08-08 22:36 - 2010-11-04 20:55 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll

2013-08-08 22:36 - 2010-11-04 18:34 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe

2013-08-08 22:34 - 2012-11-13 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-08-08 22:34 - 2012-11-13 03:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-08-08 22:34 - 2012-06-08 19:59 - 12899840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-08-08 22:34 - 2012-06-08 19:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2013-08-08 22:33 - 2012-12-16 15:31 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2013-08-08 22:33 - 2012-12-16 15:12 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2013-08-08 22:33 - 2012-12-16 13:08 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2013-08-08 22:33 - 2012-12-16 12:50 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2013-08-08 22:33 - 2010-06-16 18:30 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2013-08-08 22:33 - 2010-06-16 17:30 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2013-08-08 22:31 - 2012-11-02 12:45 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll

2013-08-08 22:31 - 2012-11-02 12:45 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll

2013-08-08 22:31 - 2012-11-02 12:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

2013-08-08 22:31 - 2012-11-02 10:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe

2013-08-08 22:31 - 2012-11-02 10:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe

2013-08-08 21:17 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2013-08-08 21:17 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2013-08-08 21:17 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2013-08-08 21:17 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2013-08-08 21:17 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2013-08-08 21:17 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2013-08-08 21:17 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2013-08-08 21:17 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2013-08-08 21:17 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2013-08-08 21:17 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2013-08-08 21:16 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2013-08-08 21:16 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2013-08-08 21:16 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2013-08-08 21:16 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2013-08-08 19:52 - 2013-08-08 19:52 - 00000207 _____ C:\Windows\tweaking.com-regbackup-STONED-PC-Microsoft®-Windows-Vista™-Ultimate-(64-Bit).dat

2013-08-08 19:51 - 2013-08-08 19:51 - 00000000 ____D C:\RegBackup

2013-08-08 19:19 - 2013-08-08 21:08 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE

2013-08-07 00:27 - 2013-08-07 00:27 - 00000000 ____D C:\FRST

2013-08-06 15:06 - 2013-08-06 15:06 - 03097071 _____ C:\Users\STONED\Desktop\FixDotNet20130806130604183.cab

2013-08-06 15:02 - 2013-08-06 15:02 - 01010582 ____C C:\Users\STONED\AppData\Local\dd_NET_Framework35_LangPack_MSI2657.txt

2013-08-06 15:01 - 2013-08-06 15:02 - 02377334 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_x64_MSI25DA.txt

2013-08-06 14:35 - 2013-08-06 14:48 - 02621440 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl

2013-08-06 14:35 - 2013-08-06 14:48 - 00393216 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf

2013-08-06 14:35 - 2013-08-06 14:48 - 00065536 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx

2013-08-06 14:34 - 2013-08-06 14:48 - 02621440 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell2.etl

2013-08-06 14:34 - 2013-08-06 14:48 - 00393216 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell2.perf

2013-08-06 14:34 - 2013-08-06 14:48 - 00065536 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell2.dpx

2013-08-06 14:18 - 2013-08-06 14:18 - 00001900 _____ C:\Users\STONED\Documents\asdf.pfx

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Graphics

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Extended

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Client

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\3082

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\3076

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\2070

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\2052

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1055

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1053

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1049

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1046

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1045

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1044

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1043

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1042

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1041

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1040

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1038

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1037

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1036

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1035

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1033

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1032

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1031

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1030

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1029

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1028

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1025

2013-08-06 13:47 - 2013-06-24 00:37 - 75733144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe

2013-08-06 13:43 - 2013-08-06 13:43 - 01469446 ____C C:\Users\STONED\AppData\Local\dd_NET_Framework35_LangPack_MSI69C6.txt

2013-08-06 13:42 - 2013-08-06 15:02 - 00165048 ____C C:\Users\STONED\AppData\Local\dd_dotnetfx35install_lp.txt

2013-08-06 13:42 - 2013-08-06 13:42 - 00000002 ____C C:\Users\STONED\AppData\Local\dd_dotnetfx35error_lp.txt

2013-08-06 13:41 - 2013-08-06 13:42 - 02430856 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_x64_MSI68E4.txt

2013-08-06 13:40 - 2013-08-06 15:02 - 00525600 ____C C:\Users\STONED\AppData\Local\dd_dotnetfx35install.txt

2013-08-06 13:40 - 2013-08-06 15:02 - 00519688 ____C C:\Users\STONED\AppData\Local\dd_depcheck_NETFX_EXP_35.txt

2013-08-06 13:40 - 2013-08-06 13:40 - 00000002 ____C C:\Users\STONED\AppData\Local\dd_dotnetfx35error.txt

2013-08-03 18:09 - 2013-08-04 04:00 - 00029995 _____ C:\Users\STONED\Documents\hellosurveillance.odt

2013-08-03 17:54 - 2013-08-03 17:54 - 00000687 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk

2013-08-03 17:54 - 2013-08-03 17:54 - 00000657 _____ C:\Users\STONED\Desktop\Poker 770.lnk

2013-08-03 11:07 - 2013-08-03 18:09 - 00015804 _____ C:\Users\STONED\Documents\hellosurveillance.txt

2013-08-02 21:51 - 2013-08-02 21:51 - 00000750 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk

2013-08-02 21:51 - 2013-08-02 21:51 - 00000720 _____ C:\Users\STONED\Desktop\William Hill Poker.lnk

2013-08-02 21:48 - 2013-08-02 21:48 - 00000708 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MansionPoker.lnk

2013-08-02 21:48 - 2013-08-02 21:48 - 00000678 _____ C:\Users\STONED\Desktop\MansionPoker.lnk

2013-08-02 21:45 - 2013-08-05 19:34 - 00000932 _____ C:\speederr.txt

2013-08-02 21:44 - 2013-08-02 21:44 - 00000701 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Titan Poker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000695 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000671 _____ C:\Users\STONED\Desktop\Titan Poker.lnk

2013-08-02 21:43 - 2013-08-03 17:54 - 00000000 ____D C:\Poker

2013-08-02 08:51 - 2013-08-02 08:51 - 00000000 ____D C:\Users\STONED\AppData\Local\SCE

2013-08-02 08:45 - 2013-08-02 08:45 - 00000582 _____ C:\Users\STONED\Desktop\PlanetSide 2 PSG.lnk

2013-08-02 08:45 - 2013-08-02 08:45 - 00000582 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk

2013-08-01 22:25 - 2013-08-03 11:38 - 00012065 _____ C:\Users\STONED\Documents\verschlüsselichnicht_halloueberwachung.txt

2013-08-01 20:17 - 2013-08-01 20:17 - 00000997 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk

2013-07-27 03:53 - 2013-07-27 03:53 - 00000000 ____D C:\ProgramData\ATI

2013-07-27 03:43 - 2013-07-27 03:43 - 00000000 ____D C:\Program Files\ATI

2013-07-27 03:25 - 2013-07-27 03:25 - 05292032 _____ C:\Users\postgres\NTUSER.rhk

2013-07-27 03:01 - 2013-07-27 03:01 - 00000000 ____D C:\Windows\system32\IO

2013-07-27 02:58 - 2013-07-27 02:58 - 00003024 _____ C:\Windows\System32\Tasks\{2C8CF97C-3BF3-4AEA-9F37-7330FDD0B7E4}

2013-07-27 02:41 - 2013-07-27 02:41 - 00000000 ____D C:\Users\STONED\Documents\MyTIData

2013-07-27 02:30 - 2013-07-27 02:30 - 00276290 _____ C:\Windows\msxml4-KB2758694-deu.LOG

2013-07-27 01:33 - 2013-07-27 01:33 - 00000000 ____D C:\Users\STONED\AppData\Roaming\Avira

2013-07-27 01:26 - 2013-07-27 01:26 - 00001901 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-07-27 01:24 - 2013-07-25 19:26 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-07-27 01:24 - 2013-07-25 19:26 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-07-27 01:24 - 2013-07-25 19:26 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-07-27 01:23 - 2013-07-27 01:26 - 00000000 ____D C:\ProgramData\Avira

2013-07-27 01:23 - 2013-07-27 01:23 - 00000000 ____D C:\Program Files (x86)\Avira

2013-07-25 22:58 - 2013-07-25 22:58 - 00002270 _____ C:\Windows\System32\Tasks\TiltBreaker

2013-07-25 22:58 - 2013-07-25 22:58 - 00001800 _____ C:\Users\Public\Desktop\Configure Tilt Breaker.lnk

2013-07-25 15:20 - 2013-07-25 15:19 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-07-25 15:20 - 2013-07-25 15:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-07-25 15:20 - 2013-07-25 15:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-07-25 15:20 - 2013-07-25 15:19 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
 

==================== One Month Modified Files and Folders =======
 

2013-08-09 12:37 - 2008-12-12 23:17 - 01642016 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-09 12:37 - 2008-01-21 12:46 - 00708232 _____ C:\Windows\system32\perfh007.dat

2013-08-09 12:37 - 2008-01-21 12:46 - 00154838 _____ C:\Windows\system32\perfc007.dat

2013-08-09 12:36 - 2008-01-21 03:53 - 01969837 _____ C:\Windows\WindowsUpdate.log

2013-08-09 12:30 - 2012-01-22 01:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-09 12:30 - 2009-12-21 17:18 - 00000534 _____ C:\Windows\Tasks\1-Klick-Wartung.job

2013-08-09 12:30 - 2006-11-02 17:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-09 12:30 - 2006-11-02 17:21 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-09 12:30 - 2006-11-02 17:21 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-09 12:30 - 2006-11-02 17:06 - 00000000 ___RD C:\Users\Public\Recorded TV

2013-08-09 05:44 - 2006-11-02 17:40 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-08-09 05:30 - 2013-08-09 03:16 - 00005616 _____ C:\Windows\iis7.log

2013-08-09 05:26 - 2006-11-02 17:06 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer

2013-08-09 05:26 - 2006-11-02 17:06 - 00000000 ____D C:\Program Files\Windows Journal

2013-08-09 05:26 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\inetsrv

2013-08-09 05:26 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\system32\inetsrv

2013-08-09 05:21 - 2012-01-22 01:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-09 05:09 - 2012-07-07 13:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-09 04:47 - 2012-07-18 11:25 - 00000000 ____D C:\Users\STONED\AppData\Roaming\TS3Client

2013-08-09 04:45 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache

2013-08-09 03:59 - 2012-07-19 17:54 - 00000000 ____D C:\Users\STONED\AppData\Local\PokerStars.EU

2013-08-09 03:15 - 2006-11-02 17:21 - 02190024 _____ C:\Windows\system32\FNTCACHE.DAT

2013-08-09 03:14 - 2013-08-09 03:14 - 00004262 _____ C:\Windows\PFRO.log

2013-08-09 03:12 - 2006-11-02 17:06 - 00000000 ____D C:\Program Files\Movie Maker

2013-08-09 03:12 - 2006-11-02 15:33 - 00000000 ____D C:\Program Files\Common Files\System

2013-08-09 03:10 - 2009-06-14 21:36 - 00000000 ____D C:\Users\STONED\AppData\Local\ESL Wire Game Client

2013-08-09 02:48 - 2009-11-26 13:16 - 00000000 ____D C:\Users\STONED\AppData\Local\CrashDumps

2013-08-09 02:48 - 2009-01-24 14:01 - 00061080 _____ C:\Users\STONED\AppData\Local\GDIPFONTCACHEV1.DAT

2013-08-08 21:26 - 2012-01-22 01:37 - 00002025 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-08-08 21:08 - 2013-08-08 19:19 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE

2013-08-08 21:05 - 2006-11-02 14:34 - 00000356 _____ C:\Windows\win.ini

2013-08-08 19:52 - 2013-08-08 19:52 - 00000207 _____ C:\Windows\tweaking.com-regbackup-STONED-PC-Microsoft®-Windows-Vista™-Ultimate-(64-Bit).dat

2013-08-08 19:51 - 2013-08-08 19:51 - 00000000 ____D C:\RegBackup

2013-08-08 19:20 - 2009-06-03 01:42 - 00000000 ____D C:\Users\STONED\AppData\Roaming\Skype

2013-08-08 19:20 - 2009-01-26 20:18 - 00000000 ____D C:\Users\STONED\AppData\Roaming\HLSW

2013-08-07 14:26 - 2010-07-27 19:38 - 00000000 ____D C:\Users\STONED\AppData\Local\In The Money

2013-08-07 00:27 - 2013-08-07 00:27 - 00000000 ____D C:\FRST

2013-08-06 15:06 - 2013-08-06 15:06 - 03097071 _____ C:\Users\STONED\Desktop\FixDotNet20130806130604183.cab

2013-08-06 15:02 - 2013-08-06 15:02 - 01010582 ____C C:\Users\STONED\AppData\Local\dd_NET_Framework35_LangPack_MSI2657.txt

2013-08-06 15:02 - 2013-08-06 15:01 - 02377334 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_x64_MSI25DA.txt

2013-08-06 15:02 - 2013-08-06 13:42 - 00165048 ____C C:\Users\STONED\AppData\Local\dd_dotnetfx35install_lp.txt

2013-08-06 15:02 - 2013-08-06 13:40 - 00525600 ____C C:\Users\STONED\AppData\Local\dd_dotnetfx35install.txt

2013-08-06 15:02 - 2013-08-06 13:40 - 00519688 ____C C:\Users\STONED\AppData\Local\dd_depcheck_NETFX_EXP_35.txt

2013-08-06 14:48 - 2013-08-06 14:35 - 02621440 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl

2013-08-06 14:48 - 2013-08-06 14:35 - 00393216 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf

2013-08-06 14:48 - 2013-08-06 14:35 - 00065536 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx

2013-08-06 14:48 - 2013-08-06 14:34 - 02621440 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell2.etl

2013-08-06 14:48 - 2013-08-06 14:34 - 00393216 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell2.perf

2013-08-06 14:48 - 2013-08-06 14:34 - 00065536 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell2.dpx

2013-08-06 14:18 - 2013-08-06 14:18 - 00001900 _____ C:\Users\STONED\Documents\asdf.pfx

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Graphics

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Extended

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\Client

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\3082

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\3076

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\2070

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\2052

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1055

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1053

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1049

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1046

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1045

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1044

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1043

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1042

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1041

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1040

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1038

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1037

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1036

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1035

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1033

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1032

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1031

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1030

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1029

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1028

2013-08-06 14:16 - 2013-08-06 14:16 - 00000000 ____D C:\1025

2013-08-06 13:43 - 2013-08-06 13:43 - 01469446 ____C C:\Users\STONED\AppData\Local\dd_NET_Framework35_LangPack_MSI69C6.txt

2013-08-06 13:42 - 2013-08-06 13:42 - 00000002 ____C C:\Users\STONED\AppData\Local\dd_dotnetfx35error_lp.txt

2013-08-06 13:42 - 2013-08-06 13:41 - 02430856 _____ C:\Users\STONED\AppData\Local\dd_NET_Framework35_x64_MSI68E4.txt

2013-08-06 13:40 - 2013-08-06 13:40 - 00000002 ____C C:\Users\STONED\AppData\Local\dd_dotnetfx35error.txt

2013-08-06 13:29 - 2012-04-03 14:44 - 00047417 _____ C:\blitzerr.txt

2013-08-06 13:29 - 2012-04-03 11:02 - 00000000 ____D C:\Users\STONED\AppData\Roaming\HoldemManager

2013-08-06 04:19 - 2009-11-28 05:14 - 00000000 ____D C:\Users\STONED\AppData\Roaming\mIRC

2013-08-05 19:34 - 2013-08-02 21:45 - 00000932 _____ C:\speederr.txt

2013-08-04 13:25 - 2012-04-03 11:07 - 00000000 ____D C:\HM2Archive

2013-08-04 04:00 - 2013-08-03 18:09 - 00029995 _____ C:\Users\STONED\Documents\hellosurveillance.odt

2013-08-03 18:09 - 2013-08-03 11:07 - 00015804 _____ C:\Users\STONED\Documents\hellosurveillance.txt

2013-08-03 17:54 - 2013-08-03 17:54 - 00000687 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker 770.lnk

2013-08-03 17:54 - 2013-08-03 17:54 - 00000657 _____ C:\Users\STONED\Desktop\Poker 770.lnk

2013-08-03 17:54 - 2013-08-02 21:43 - 00000000 ____D C:\Poker

2013-08-03 11:38 - 2013-08-01 22:25 - 00012065 _____ C:\Users\STONED\Documents\verschlüsselichnicht_halloueberwachung.txt

2013-08-02 21:51 - 2013-08-02 21:51 - 00000750 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk

2013-08-02 21:51 - 2013-08-02 21:51 - 00000720 _____ C:\Users\STONED\Desktop\William Hill Poker.lnk

2013-08-02 21:48 - 2013-08-02 21:48 - 00000708 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MansionPoker.lnk

2013-08-02 21:48 - 2013-08-02 21:48 - 00000678 _____ C:\Users\STONED\Desktop\MansionPoker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000701 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Titan Poker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000695 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk

2013-08-02 21:44 - 2013-08-02 21:44 - 00000671 _____ C:\Users\STONED\Desktop\Titan Poker.lnk

2013-08-02 21:41 - 2010-08-31 01:30 - 00000000 ____D C:\Betfair

2013-08-02 17:00 - 2010-10-17 18:09 - 00183312 _____ (<Turtle Entertainment>) C:\Windows\system32\Drivers\ESLWireACD.sys

2013-08-02 08:51 - 2013-08-02 08:51 - 00000000 ____D C:\Users\STONED\AppData\Local\SCE

2013-08-02 08:45 - 2013-08-02 08:45 - 00000582 _____ C:\Users\STONED\Desktop\PlanetSide 2 PSG.lnk

2013-08-02 08:45 - 2013-08-02 08:45 - 00000582 _____ C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk

2013-08-01 20:17 - 2013-08-01 20:17 - 00000997 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk

2013-08-01 20:16 - 2009-01-24 18:49 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2013-07-28 21:34 - 2012-05-20 00:48 - 00000584 _____ C:\Windows\Tasks\Norton Security Scan for STONED.job

2013-07-28 18:00 - 2012-05-20 00:48 - 00003566 _____ C:\Windows\System32\Tasks\Norton Security Scan for STONED

2013-07-27 03:53 - 2013-07-27 03:53 - 00000000 ____D C:\ProgramData\ATI

2013-07-27 03:52 - 2011-08-13 04:58 - 00000000 ____D C:\ProgramData\AMD

2013-07-27 03:44 - 2009-01-24 14:47 - 00000000 ___HD C:\Users\STONED\AppData\Local\ATI

2013-07-27 03:44 - 2009-01-24 14:47 - 00000000 ____D C:\Users\STONED\AppData\Roaming\ATI

2013-07-27 03:44 - 2009-01-24 14:01 - 00000000 ____D C:\Users\STONED

2013-07-27 03:43 - 2013-07-27 03:43 - 00000000 ____D C:\Program Files\ATI

2013-07-27 03:25 - 2013-07-27 03:25 - 05292032 _____ C:\Users\postgres\NTUSER.rhk

2013-07-27 03:25 - 2009-01-25 00:31 - 00000000 ____D C:\Users\postgres

2013-07-27 03:01 - 2013-07-27 03:01 - 00000000 ____D C:\Windows\system32\IO

2013-07-27 02:58 - 2013-07-27 02:58 - 00003024 _____ C:\Windows\System32\Tasks\{2C8CF97C-3BF3-4AEA-9F37-7330FDD0B7E4}

2013-07-27 02:58 - 2009-01-24 14:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-07-27 02:53 - 2012-05-11 15:56 - 00000000 ____D C:\Program Files (x86)\RobotSoft

2013-07-27 02:42 - 2012-10-12 16:51 - 00000000 ____D C:\Program Files (x86)\Gaming Mouse

2013-07-27 02:42 - 2012-05-11 14:30 - 00000000 ____D C:\Program Files (x86)\Ghost Mouse Auto Clicker

2013-07-27 02:42 - 2010-04-10 17:33 - 00001298 _____ C:\Users\Public\Desktop\TI Connect.lnk

2013-07-27 02:41 - 2013-07-27 02:41 - 00000000 ____D C:\Users\STONED\Documents\MyTIData

2013-07-27 02:39 - 2009-05-04 18:10 - 00000000 ____D C:\ProgramData\TechSmith

2013-07-27 02:36 - 2011-06-28 22:59 - 00000000 ____D C:\Users\STONED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCsoft

2013-07-27 02:34 - 2012-05-11 15:56 - 00000000 ____D C:\Users\STONED\Documents\RobotSoft

2013-07-27 02:30 - 2013-07-27 02:30 - 00276290 _____ C:\Windows\msxml4-KB2758694-deu.LOG

2013-07-27 02:30 - 2009-10-14 17:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0

2013-07-27 01:33 - 2013-07-27 01:33 - 00000000 ____D C:\Users\STONED\AppData\Roaming\Avira

2013-07-27 01:31 - 2012-07-21 21:24 - 00000000 ____D C:\Program Files (x86)\Ray Adams

2013-07-27 01:29 - 2010-06-04 15:16 - 00001356 ____C C:\Users\STONED\AppData\Local\d3d9caps.dat

2013-07-27 01:26 - 2013-07-27 01:26 - 00001901 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2013-07-27 01:26 - 2013-07-27 01:23 - 00000000 ____D C:\ProgramData\Avira

2013-07-27 01:23 - 2013-07-27 01:23 - 00000000 ____D C:\Program Files (x86)\Avira

2013-07-27 01:19 - 2012-05-08 17:55 - 00000000 ____D C:\Program Files (x86)\Tilt Breaker

2013-07-25 23:11 - 2012-04-14 19:31 - 00000000 ____D C:\Users\STONED\AppData\Local\TiltBreaker

2013-07-25 23:03 - 2012-04-03 11:02 - 00000561 _____ C:\Users\Public\Desktop\HoldemManager2.lnk

2013-07-25 22:58 - 2013-07-25 22:58 - 00002270 _____ C:\Windows\System32\Tasks\TiltBreaker

2013-07-25 22:58 - 2013-07-25 22:58 - 00001800 _____ C:\Users\Public\Desktop\Configure Tilt Breaker.lnk

2013-07-25 19:26 - 2013-07-27 01:24 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-07-25 19:26 - 2013-07-27 01:24 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-07-25 19:26 - 2013-07-27 01:24 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-07-25 16:49 - 2012-10-01 22:18 - 00000727 _____ C:\Users\Public\Desktop\ESL Wire.lnk

2013-07-25 16:49 - 2009-06-14 21:36 - 00000000 ____D C:\Program Files\EslWire

2013-07-25 15:19 - 2013-07-25 15:20 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-07-25 15:19 - 2013-07-25 15:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-07-25 15:19 - 2013-07-25 15:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-07-25 15:19 - 2013-07-25 15:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-07-25 15:19 - 2012-07-14 18:37 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2013-07-25 15:19 - 2011-07-07 13:21 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-07-25 15:19 - 2009-02-03 20:18 - 00000000 ____D C:\Program Files (x86)\Java

2013-07-25 10:17 - 2012-06-11 16:35 - 00012125 _____ C:\Users\STONED\Documents\lebenslauf.odt

2013-07-25 01:09 - 2009-05-14 16:32 - 00000000 ____D C:\Program Files (x86)\PokerStars

2013-07-24 21:09 - 2012-07-07 13:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-07-24 21:09 - 2012-07-07 13:40 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-07-24 21:09 - 2011-06-20 17:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-07-24 20:16 - 2012-01-22 01:37 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-07-24 20:16 - 2012-01-22 01:37 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 

Files to move or delete:

====================

C:\Users\STONED\EasyAntiCheat.exe
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-08-09 12:36
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2013

Ran by STONED at 2013-08-09 12:38:41

Running from F:\Download

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

4PL-Insight! (x32)

Adobe AIR (x32 Version: 3.1.0.4880)

Adobe Anchor Service CS3 (x32 Version: 1.0)

Adobe Asset Services CS3 (x32 Version: 3)

Adobe Bridge CS3 (x32 Version: 2)

Adobe Bridge Start Meeting (x32 Version: 1.0)

Adobe Camera Raw 4.0 (x32 Version: 4.0)

Adobe CMaps (x32 Version: 1.0)

Adobe Color - Photoshop Specific (x32 Version: 1.0)

Adobe Color Common Settings (x32 Version: 1.0)

Adobe Color EU Extra Settings (x32 Version: 1.0)

Adobe Color JA Extra Settings (x32 Version: 1.0)

Adobe Color NA Recommended Settings (x32 Version: 1.0)

Adobe Default Language CS3 (x32 Version: 1.0)

Adobe Device Central CS3 (x32 Version: 1.0)

Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)

Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)

Adobe Fonts All (x32 Version: 1.0)

Adobe Help Viewer CS3 (x32 Version: 1)

Adobe Linguistics CS3 (x32 Version: 3.0.0)

Adobe PDF Library Files (x32 Version: 8.0)

Adobe Photoshop CS3 (x32 Version: 10)

Adobe Photoshop CS3 (x32 Version: 10.0)

Adobe Reader 9.2 - Deutsch (x32 Version: 9.2.0)

Adobe Setup (x32 Version: 1.0)

Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633)

Adobe Stock Photos CS3 (x32 Version: 1.5)

Adobe Type Support (x32 Version: 1.0)

Adobe Update Manager CS3 (x32 Version: 5.1.0)

Adobe Version Cue CS3 Client (x32 Version: 3)

Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)

Adobe XMP Panels CS3 (x32 Version: 1.0)

Alien Swarm (x32)

AMD APP SDK Runtime (Version: 10.0.937.2)

AMD Catalyst Install Manager (Version: 8.0.877.0)

AMD Fuel (Version: 2011.1205.2215.39827)

AMD Fuel (Version: 2012.1116.1515.27190)

AMD VISION Engine Control Center (x32 Version: 2011.1205.2215.39827)

Ask Toolbar Updater (HKCU Version: 1.2.2.23821)

Auditorium (x32)

Avira Free Antivirus (x32 Version: 13.0.0.3885)

AVM FRITZ!Box USB-Fernanschluss (HKCU Version: 2.2.1.0)

Battlefield Bad Company 2 - BETA (x32 Version: 1.0.0.1)

Battlefield: Bad Company 2 (x32)

Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)

Betfair Poker (x32)

bwin Poker (x32)

Cake Poker (x32)

Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4)

Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32)

Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6)

Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32)

Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7)

Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32)

Camtasia Studio 7 (x32 Version: 7.1.0)

Catalyst Control Center - Branding (x32 Version: 1.00.0000)

Catalyst Control Center (x32 Version: 2012.1116.1515.27190)

Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1205.2215.39827)

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190)

Catalyst Control Center InstallProxy (x32 Version: 2012.0704.122.388)

Catalyst Control Center InstallProxy (x32 Version: 2012.1116.1515.27190)

Catalyst Control Center Localization All (x32 Version: 2011.1205.2215.39827)

Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190)

CCC Help Chinese Standard (x32 Version: 2011.1205.2214.39827)

CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190)

CCC Help Chinese Traditional (x32 Version: 2011.1205.2214.39827)

CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190)

CCC Help Czech (x32 Version: 2011.1205.2214.39827)

CCC Help Czech (x32 Version: 2012.1116.1514.27190)

CCC Help Danish (x32 Version: 2011.1205.2214.39827)

CCC Help Danish (x32 Version: 2012.1116.1514.27190)

CCC Help Dutch (x32 Version: 2011.1205.2214.39827)

CCC Help Dutch (x32 Version: 2012.1116.1514.27190)

CCC Help English (x32 Version: 2011.1205.2214.39827)

CCC Help English (x32 Version: 2012.1116.1514.27190)

CCC Help Finnish (x32 Version: 2011.1205.2214.39827)

CCC Help Finnish (x32 Version: 2012.1116.1514.27190)

CCC Help French (x32 Version: 2011.1205.2214.39827)

CCC Help French (x32 Version: 2012.1116.1514.27190)

CCC Help German (x32 Version: 2011.1205.2214.39827)

CCC Help German (x32 Version: 2012.1116.1514.27190)

CCC Help Greek (x32 Version: 2011.1205.2214.39827)

CCC Help Greek (x32 Version: 2012.1116.1514.27190)

CCC Help Hungarian (x32 Version: 2011.1205.2214.39827)

CCC Help Hungarian (x32 Version: 2012.1116.1514.27190)

CCC Help Italian (x32 Version: 2011.1205.2214.39827)

CCC Help Italian (x32 Version: 2012.1116.1514.27190)

CCC Help Japanese (x32 Version: 2011.1205.2214.39827)

CCC Help Japanese (x32 Version: 2012.1116.1514.27190)

CCC Help Korean (x32 Version: 2011.1205.2214.39827)

CCC Help Korean (x32 Version: 2012.1116.1514.27190)

CCC Help Norwegian (x32 Version: 2011.1205.2214.39827)

CCC Help Norwegian (x32 Version: 2012.1116.1514.27190)

CCC Help Polish (x32 Version: 2011.1205.2214.39827)

CCC Help Polish (x32 Version: 2012.1116.1514.27190)

CCC Help Portuguese (x32 Version: 2011.1205.2214.39827)

CCC Help Portuguese (x32 Version: 2012.1116.1514.27190)

CCC Help Russian (x32 Version: 2011.1205.2214.39827)

CCC Help Russian (x32 Version: 2012.1116.1514.27190)

CCC Help Spanish (x32 Version: 2011.1205.2214.39827)

CCC Help Spanish (x32 Version: 2012.1116.1514.27190)

CCC Help Swedish (x32 Version: 2011.1205.2214.39827)

CCC Help Swedish (x32 Version: 2012.1116.1514.27190)

CCC Help Thai (x32 Version: 2011.1205.2214.39827)

CCC Help Thai (x32 Version: 2012.1116.1514.27190)

CCC Help Turkish (x32 Version: 2011.1205.2214.39827)

CCC Help Turkish (x32 Version: 2012.1116.1514.27190)

ccc-utility64 (Version: 2011.1205.2215.39827)

ccc-utility64 (Version: 2012.1116.1515.27190)

Command and Conquer 4: Tiberian Twilight (x32)

ConvertHelper 2.2 (x32)

Corel Shell Extension - 64Bit (Version: 14.0)

CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2)

CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.2)

CorelDRAW Graphics Suite X4 (x32 Version: 14.2)

CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.1)

CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32)

Counter-Strike (x32)

Counter-Strike: Global Offensive - SDK (x32)

Counter-Strike: Global Offensive (x32)

Counter-Strike: Source (x32)

Counter-Strike: Source Beta (x32)

Creative Live! Cam Video IM Pro Driver (1.03.02.00)

Day of Defeat: Source (x32)

Dell AIO Printer A920

DH Driver Cleaner Professional Edition (x32 Version: Version 1.5)

Diablo III (x32 Version: 1.0.8.16603)

DivX Setup (x32 Version: 1.0.1.4)

EPSON Scan (x32)

ESL Wire 1.17.2

Fallen Earth (x32)

Fax Solutions

FaxRedist (x32 Version: 1.0.0)

FGCL Anti-Cheat version 1.004 (Version: 1.004)

flatex-Trader (HKCU)

Fraps (remove only) (x32)

GameSpy Comrade (x32 Version: 3.2.16.235)

GetDataBack for NTFS (x32 Version: 4.25.000)

Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000)

Google Chrome (x32 Version: 28.0.1500.95)

Google Update Helper (x32 Version: 1.3.21.153)

grepWin x64 (Version: 1.5.430)

Heroes of Newerth (x32 Version: 1.0.16)

HLSW v1.3.1 (x32)

Holdem Manager (x32 Version: 1.07)

Holdem Manager 2

Holdem Manager 2 (x32)

HTML2TXT 4.1 (x32)

ICM Trainer (x32 Version: 1.0.0)

ICM Trainer Light (x32 Version: 1.1)

ID HWMonitor 1.17

Imperialism II (x32)

IrfanView (remove only) (x32 Version: 4.32)

Java 7 Update 25 (x32 Version: 7.0.250)

Java Auto Updater (x32 Version: 2.1.9.5)

Java(TM) 6 Update 29 (x32 Version: 6.0.290)

Java(TM) 6 Update 30 (64-bit) (Version: 6.0.300)

Java(TM) 6 Update 31 (x32 Version: 6.0.310)

Java(TM) SE Development Kit 6 Update 17 (x32 Version: 1.6.0.170)

JavaFX 2.1.1 (x32 Version: 2.1.1)

JGsoft RegexMagic 1.1.0 (x32 Version: 1.1.0)

join.me (HKCU Version: 1.3.1.429)

Just Great Software RegexBuddy 3 v.3.5.0 (x32 Version: v.3.5.0)

Killing Floor (x32)

League of Legends (x32 Version: 1.02.0000)

Left 4 Dead (x32)

Left 4 Dead 2 (x32)

Madballs in... Babo:Invasion (x32)

MansionPoker (x32)

MetaTrader 4.00 (x32 Version: 4.00)

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)

Microsoft Games for Windows - LIVE  (x32 Version: 2.0.687.0)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 2.0.687.0)

Microsoft Help Viewer 1.0 (Version: 1.0.30319)

Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)

Microsoft SQL Server 2005 (x32)

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.2.3042.00)

Microsoft SQL Server 2012 T-SQL Language Service  (Version: 11.0.2100.60)

Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)

Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)

Microsoft SQL Server Native Client (Version: 9.00.3042.00)

Microsoft SQL Server VSS Writer (Version: 9.00.3042.00)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319)

Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319)

mIRC (HKCU Version: 7.19)

Moon Breakers (x32)

Mozilla Firefox (3.0.19) (x32 Version: 3.0.19 (de))

Mozilla Firefox (3.6.10) (x32 Version: 3.6.10 (de))

Mozilla Firefox (3.6.11) (x32 Version: 3.6.11 (de))

Mozilla Firefox (3.6.12) (x32 Version: 3.6.12 (de))

Mozilla Firefox (3.6.13) (x32 Version: 3.6.13 (de))

Mozilla Firefox (3.6.14) (x32 Version: 3.6.14 (de))

Mozilla Firefox (3.6.15) (x32 Version: 3.6.15 (de))

Mozilla Firefox (3.6.16) (x32 Version: 3.6.16 (de))

Mozilla Firefox (3.6.17) (x32 Version: 3.6.17 (de))

Mozilla Firefox (3.6.6) (x32 Version: 3.6.6 (de))

Mozilla Firefox (3.6.7) (x32 Version: 3.6.7 (de))

Mozilla Firefox (3.6.8) (x32 Version: 3.6.8 (de))

Mozilla Firefox (3.6.9) (x32 Version: 3.6.9 (de))

Mozilla Firefox 4.0.1 (x86 de) (x32 Version: 4.0.1)

Mozilla Firefox 5.0 (x86 de) (x32 Version: 5.0)

Mozilla Firefox 6.0 (x86 de) (x32 Version: 6.0)

Mozilla Firefox 6.0.1 (x86 de) (x32 Version: 6.0.1)

Mozilla Firefox 6.0.2 (x86 de) (x32 Version: 6.0.2)

Mozilla Firefox 7.0.1 (x86 de) (x32 Version: 7.0.1)

Mozilla Firefox 9.0.1 (x86 de) (x32 Version: 9.0.1)

Mozilla Thunderbird (3.1) (x32 Version: 3.1 (de))

Mozilla Thunderbird (3.1.1) (x32 Version: 3.1.1 (de))

Mozilla Thunderbird (3.1.2) (x32 Version: 3.1.2 (de))

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 and SOAP Toolkit 3.0 (x32 Version: 1.0.0.0)

MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)

Mumble and Murmur (x32 Version: 1.1.8)

MySQL Connector/ODBC 5.1 (Version: 5.1.11)

MySQL Server 5.5 (Version: 5.5.24)

NetLimiter 2 Monitor (remove only) (x32)

Nightly 15.0a1 (x64 en-US) (Version: 15.0a1)

Norton Internet Security (x32 Version: 17.9.0.12)

Norton Security Scan (x32 Version: 2.3.0.44)

NoteCaddy (x32 Version: 1.0.5)

Nvu 1.0 (x32 Version: 1.0)

O&O UnErase (Version: 6.0.1857)

Octoshape Streaming Services (HKCU)

OpenOffice.org 3.0 (x32 Version: 3.0.9358)

p.i.c.s. Rätsel-Generator (x32)

Pacific Poker (x32)

Patrician IV: Steam Special Edition (x32)

PDF Settings (x32 Version: 1.0)

PDF24 Creator 4.6.0 (x32)

PlanetSide 2 (HKCU Version: 1.0.3.183)

Poker 770 (x32)

Poker Evolution Equilab (HKCU)

Pokerazor 1.36 (x32 Version: 1.36)

PokerStars (x32)

PokerStrategy Equilator (x32 Version: 1.7)

PokerStrategy.com Elephant (x32 Version: 0.90.30913.03)

PokerStrategy.com Equilab (x32 Version: 1.2.6.0)

Portal 2 (x32)

PostgreSQL 8.3 (x32 Version: 8.3)

QuoteCompiler (HKCU Version: 1.0.1.16)

QuoteCompiler CFD (HKCU Version: 0.0.0.26)

Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (x32 Version: 1.00.0000)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.5772)

SeaMonkey (2.9) (x32 Version: 2.9 (de))

Security Task Manager 1.7f (x32 Version: 1.7f)

Serious Sam 3: BFE (x32)

Serious Sam HD: The First Encounter (x32)

Serious Sam: The Second Encounter (x32)

SitNGo Wizard (x32)

Skype™ 5.8 (x32 Version: 5.8.158)

Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0)

Spybot - Search & Destroy (x32 Version: 1.6.2)

StarCraft II (x32 Version: 1.3.6.19269)

Steam (x32 Version: 1.0.0.0)

StudNET Login Client (x32 Version: 4.1)

swMSM (x32 Version: 12.0.0.1)

TableNinja (x32 Version: 1.2.126)

TableNinja (x32 Version: 1.2.128)

Talkative IRC 0.4.4.16 (x32)

Taskbar Shuffle 64-bit version 2.5 (Version: 2.5)

Team Fortress 2 (x32)

TeamSpeak 3 Client (HKCU Version: 3.0.11.1)

TeamViewer 8 (x32 Version: 8.0.19617)

The Guild II - Pirates of the European Seas (x32)

The Guild II (x32)

TI Connect 1.6 (x32 Version: 1.6.0)

Tilt Breaker (x32)

Titan Poker (x32)

TmNationsForever (x32)

TuneUp Utilities 2009 (x32 Version: 8.0.3310.3)

Tunngle beta (x32)

Ultra Document To Text Converter 2.0 (x32)

Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (x32 Version: 9.00.3042.00)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)

URL Snooper v2.30.01 (x32)

VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0)

Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69)

Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69)

Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69)

VLC media player 0.9.8a (x32 Version: 0.9.8a)

William Hill Poker (x32)

WinAutomation (Version: 3.1.6.676)

WinAutomation (x32)

Windosill (x32)

WinPcap 4.1.2 (x32 Version: 4.1.0.2001)

WinRAR (x32)

WinZip 12.1 (x32 Version: 12.1.8519)

Wise Registry Cleaner 7.52 (x32)

WM Recorder 14 (x32 Version: 14.0)

X-ray Anti-Cheat (x32 Version: 1.5.500)

Xvid 1.2.2 final uninstall (x32 Version: 1.2)

YAWLE 0.5b (x32)

Yontoo 1.10.02 (Version: 1.10.02)
 

==================== Restore Points  =========================
 
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {08F2CA14-1E39-4A42-A17C-35880D34C80E} - System32\Tasks\Symantec\Symantec Error Analyzer 17.9.0.12 => C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe [2011-09-20] (Symantec Corporation)

Task: {2E2CD212-4815-4A39-BEBE-D24E6DF73041} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)

Task: {44C307AF-BFB2-4477-99A0-799EFFF84CAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-22] (Google Inc.)

Task: {487AD553-FBC3-481D-8437-F607AC6A32A6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe No File

Task: {598E05CF-DA93-4C03-AECC-FF464B88A7C9} - System32\Tasks\1-Klick-Wartung => C:\Program Files (x86)\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16] (TuneUp Software GmbH)

Task: {5A90BA10-B9A7-40F6-B0D8-A9AB197800FB} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)

Task: {5BCFA926-77CB-4BDE-AA90-99718BBBC7CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-22] (Google Inc.)

Task: {6B39F061-33C3-48CB-9D7F-53ABA0D3C4E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-24] (Adobe Systems Incorporated)

Task: {70266ED4-E4B0-4F72-8C78-658DB551FDB8} - System32\Tasks\{C8FE5F23-0DDE-4934-BC5F-92EC3D7E8F7E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29] (Skype Technologies S.A.)

Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {96AEFDB3-0EB1-4382-A564-85A711F1876A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)

Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {C0B38178-CA76-4475-90EB-B2F41221156B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {C184AC88-BE2D-4400-8DAD-0335DC0C1DA1} - System32\Tasks\TiltBreaker => C:\Program Files (x86)\Tilt Breaker\rundll32.exe [2013-06-14] ()

Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {D1849F70-8D65-4263-957C-27FD3AAE933A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)

Task: {D7C21D44-80DC-4F5C-AE72-8A6F1B379122} - System32\Tasks\Symantec\Symantec Error Processor 17.9.0.12 => C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe [2011-09-20] (Symantec Corporation)

Task: {EF6BBEFD-CFFC-4064-8483-25B1D1E140A2} - System32\Tasks\Norton Security Scan for STONED => C:\Program Files (x86)\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2012-05-20] (Symantec Corporation)

Task: C:\Windows\Tasks\1-Klick-Wartung.job => C:\Program Files (x86)\TuneUp Utilities 2009\OneClickStarter.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\Norton Security Scan for STONED.job => C:\Program Files (x86)\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/09/2013 00:32:57 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 00:32:56 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 00:32:51 PM) (Source: Application Error) (User: )

Description: Fehlerhafte Anwendung rundll32.exe, Version 1.708.1.0, Zeitstempel 0x51bb0631, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,

Prozess-ID 0xb48, Anwendungsstartzeit rundll32.exe0.
 

Error: (08/09/2013 05:33:24 AM) (Source: Application Error) (User: )

Description: Fehlerhafte Anwendung rundll32.exe, Version 1.708.1.0, Zeitstempel 0x51bb0631, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,

Prozess-ID 0xa60, Anwendungsstartzeit rundll32.exe0.
 

Error: (08/09/2013 05:32:52 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 05:32:31 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 05:30:55 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 05:30:54 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 05:26:42 AM) (Source: Application Error) (User: )

Description: Fehlerhafte Anwendung Fuel.Service.exe, Version 1.0.0.0, Zeitstempel 0x50a6a1b0, fehlerhaftes Modul Device.dll, Version 4.1.0.0, Zeitstempel 0x4f55e10b, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000000033c1,

Prozess-ID 0x64c, Anwendungsstartzeit Fuel.Service.exe0.
 

Error: (08/09/2013 03:25:47 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 
 

System errors:

=============

Error: (08/09/2013 00:31:09 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (08/09/2013 00:30:42 PM) (Source: Service Control Manager) (User: )

Description: atitray

i8042prt

vflt
 

Error: (08/09/2013 00:30:42 PM) (Source: Service Control Manager) (User: )

Description: AODDriver4.1%%2
 

Error: (08/09/2013 00:30:30 PM) (Source: Service Control Manager) (User: )

Description: Net.Tcp-ListeneradapterNet.Tcp-Portfreigabedienst%%1058
 

Error: (08/09/2013 00:30:30 PM) (Source: Service Control Manager) (User: )

Description: Net.Msmq-Listeneradaptermsmq
 

Error: (08/09/2013 00:30:30 PM) (Source: Service Control Manager) (User: )

Description: AODDriver4.1%%2
 

Error: (08/09/2013 00:28:59 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)

Description: 
 

Error: (08/09/2013 05:40:07 AM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (08/09/2013 05:30:08 AM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (08/09/2013 05:29:53 AM) (Source: Service Control Manager) (User: )

Description: AODDriver4.1%%2
 
 

Microsoft Office Sessions:

=========================

Error: (08/09/2013 00:32:57 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 00:32:56 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 00:32:51 PM) (Source: Application Error)(User: )

Description: rundll32.exe1.708.1.051bb0631unknown0.0.0.000000000c000000500000000b4801ce94eb6d94ac6a
 

Error: (08/09/2013 05:33:24 AM) (Source: Application Error)(User: )

Description: rundll32.exe1.708.1.051bb0631unknown0.0.0.000000000c000000500000000a6001ce94b0ddfc5e34
 

Error: (08/09/2013 05:32:52 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 05:32:31 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 05:30:55 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 05:30:54 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 

Error: (08/09/2013 05:26:42 AM) (Source: Application Error)(User: )

Description: Fuel.Service.exe1.0.0.050a6a1b0Device.dll4.1.0.04f55e10bc000000500000000000033c164c01ce949dfd7e1fb2
 

Error: (08/09/2013 03:25:47 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.
 
 

CodeIntegrity Errors:

===================================

  Date: 2013-08-09 12:29:21.609

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-09 12:29:21.515

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-09 05:28:17.140

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-09 05:28:17.046

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-09 03:14:51.109

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-09 03:14:51.062

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-08 21:10:23.078

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-08 21:10:23.046

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-08 19:32:31.125

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2013-08-08 19:32:31.093

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 48%

Total physical RAM: 4094.38 MB

Available physical RAM: 2121.13 MB

Total Pagefile: 8399.24 MB

Available Pagefile: 6078.16 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:59.06 GB) (Free:4.4 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]

Drive d: (Games) (Fixed) (Total:196.29 GB) (Free:21.09 GB) NTFS (Disk=0 Partition=2)

Drive e: (Programme) (Fixed) (Total:78.12 GB) (Free:28 GB) NTFS (Disk=0 Partition=3)

Drive f: (Multimedia) (Fixed) (Total:262.7 GB) (Free:36.03 GB) NTFS (Disk=0 Partition=4)
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 6201F2D7)

Partition 1: (Active) - (Size=59 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=196 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=78 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=263 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

stand eigentlich in dem ersten log irgendwas drin das suspiscious war?
bzw in dem hier?

also microsoft net 4.0 konnt ich jetz installieren .