
Log analysis and evaluation: Suspected spyware


31.05.2013, 11:42   #1
holzdan
 


Hello, my PC is once again extremely slow, especially when browsing, so I am fairly sure I have caught something again. I ran scans with Kaspersky, Malwarebytes and Spyware Doctor, and nothing was found. Now I have run an analysis with OTL.exe. Can anyone help me?



OTL logfile created on: 5/31/2013 1:04:30 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

3.86 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 56.06% Memory free
7.73 Gb Paging File | 6.01 Gb Available in Paging File | 77.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 463.16 Gb Total Space | 393.26 Gb Free Space | 84.91% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 80.12 Mb Free Space | 80.12% Space Free | Partition Type: NTFS
Drive F: | 488.34 Mb Total Space | 480.36 Mb Free Space | 98.37% Space Free | Partition Type: FAT

Computer Name: XXX-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/15 11:16:20 | 000,813,448 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe
PRC - [2013/05/12 02:42:57 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013/02/28 16:46:56 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
PRC - [2013/02/01 12:23:06 | 002,674,488 | ---- | M] (Orbitdownloader.com) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
PRC - [2012/12/16 03:40:55 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/12/16 00:15:02 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/11/22 11:50:02 | 000,166,424 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/11/12 06:56:12 | 000,605,920 | ---- | M] (Orbitdownloader.com) -- C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
PRC - [2012/10/05 22:57:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\downloads\OTL.exe
PRC - [2012/04/25 10:27:00 | 001,328,976 | ---- | M] (Comfort Software Group) -- C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
PRC - [2010/11/30 15:46:04 | 000,155,648 | ---- | M] () -- C:\Users\xxx\Desktop\remapper\KeyRemapper.exe
PRC - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/01 12:19:06 | 000,397,312 | ---- | M] () -- C:\Program Files (x86)\Orbitdownloader\wtlctrl.dll
MOD - [2012/11/13 15:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 15:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 15:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2010/11/30 15:46:04 | 000,155,648 | ---- | M] () -- C:\Users\xxx\Desktop\remapper\KeyRemapper.exe
MOD - [2010/11/30 15:46:02 | 000,090,112 | ---- | M] () -- C:\Users\xxx\Desktop\remapper\KeyTools.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/27 22:58:04 | 009,115,064 | ---- | M] (Cerberus, LLC) [Disabled | Stopped] -- C:\Program Files\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe -- (Cerberus FTP Server)
SRV:64bit: - [2009/12/10 11:15:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/11/02 13:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/09/30 15:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2013/05/30 21:56:57 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/28 16:46:56 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
SRV - [2013/01/28 14:19:28 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/12/16 00:15:02 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/12/13 17:57:20 | 001,004,216 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe -- (AcuWVSSchedulerv8)
SRV - [2012/11/22 11:50:02 | 000,166,424 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/11 07:42:46 | 000,305,448 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/10 03:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/05/31 00:20:21 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/05/31 00:20:21 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013/05/31 00:20:21 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/28 16:46:50 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013/02/28 16:46:50 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2013/01/05 00:22:16 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/01/05 00:22:16 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/09/12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/08/02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012/06/19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/01 10:46:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/12/10 13:40:30 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/11/06 22:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/26 22:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/13 21:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/08/06 14:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/07/23 00:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/25 04:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/06/20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 04:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2013/05/30 23:55:14 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\twhrx.sys -- (bibk)
DRV - [2012/11/16 16:51:26 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/11/01 07:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=443540607&ir=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{621051FE-C129-2873-AF1E-0F657515E40B}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G 1H1B1QtDyE&cr=443540607&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27361212d206l04c8z135t64n1c413
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=443540607&ir=
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{5EB38D1B-7650-2FAF-40E1-3F0D56E2CE46}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G 1H1B1QtDyE&cr=443540607&ir=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=122471&tt=gc_&babsrc=SP_ss&mntrId=86D900FF781F7FCE
IE - HKCU\..\SearchScopes\{621051FE-C129-2873-AF1E-0F657515E40B}: "URL" = hxxp://www2.delta-search.com/?q={searchTerms}&affID=119722&babsrc=SP_ss&mntrId=86D900FF781F7FCE
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_enAT514AT514
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 193.17.184.49:3128


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\geomind.it/DbMap3dFlyer: C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013/05/31 00:21:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013/05/31 00:21:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2013/05/31 00:21:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2013/04/16 11:44:22 | 000,000,000 | ---D | M]

[2013/04/16 11:41:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Extensions
[2013/04/16 11:41:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2013/05/30 22:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2013/05/29 22:12:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2013/05/14 19:03:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins
[2013/04/16 11:41:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Sunbird\Profiles\46togg47.default\extensions
[2012/11/15 19:30:12 | 000,214,020 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\socksharedownloader@socksharedownloader.com.xpi
[2013/05/30 22:46:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/30 22:46:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2013/05/30 22:08:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/30 22:08:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.delta-search.com/?affID=122471&tt=gc_&babsrc=HP_ss&mntrId=86D900FF781F7FCE
CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190\
CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190\
CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190\
CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.0_0\
CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\8.0.1_0\

O1 HOSTS File: ([2013/05/30 22:34:50 | 000,000,727 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 order.tune-up.com
O1 - Hosts: 127.0.0.1 tune-up.com
O1 - Hosts: 127.0.0.1 tune-up.com/order
O1 - Hosts: 127.0.0.1 registertuneup.com
O1 - Hosts: 127.0.0.1 download.tune-up.de
O1 - Hosts: 127.0.0.1 download.tune-up.com
O1 - Hosts: 127.0.0.1 secure.tune-up.com
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 tuneup.de
O1 - Hosts: 127.0.0.1 avg.com
O1 - Hosts: 127.0.0.1 swi.tune-up.com
O1 - Hosts: 127.0.0.1 SMARTTERRA.EU
O1 - Hosts: 127.0.0.1 www.order.tune-up.com
O1 - Hosts: 127.0.0.1 www.tune-up.com
O1 - Hosts: 127.0.0.1 www.tune-up.com/order
O1 - Hosts: 127.0.0.1 www.registertuneup.com
O1 - Hosts: 127.0.0.1 www.download.tune-up.de
O1 - Hosts: 127.0.0.1 hxxp://www.download.tune-up.com...une-up.com
O1 - Hosts: 127.0.0.1 www.secure.tune-up.com
O1 - Hosts: 127.0.0.1 www.localhost
O1 - Hosts: 127.0.0.1 www.tuneup.de
O1 - Hosts: 127.0.0.1 www.avg.com
O1 - Hosts: 127.0.0.1 www.swi.tune-up.com
O1 - Hosts: 127.0.0.1 www.SMARTTERRA.EU
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
O4 - HKCU..\Run: [KeyMapperStarup] C:\Users\xxx\Desktop\remapper\KeyRemapper.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{781F7FCE-9191-43FF-BB1E-BB8D52FD7A0B}: DhcpNameServer = 10.11.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C765FB2-B5CD-4ECC-AAD4-CC634A98DAE7}: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8936117A-1C21-4F49-97FA-C55038146620}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (xxc:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/31 00:18:47 | 000,000,000 | ---D | C] -- C:\3673823e69bbcab4d05efa266a2fb7
[2013/05/30 23:50:07 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\RK_Quarantine
[2013/05/30 23:33:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/05/30 23:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013
[2013/05/30 23:17:09 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013/05/30 23:14:26 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013/05/30 23:14:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013/05/30 23:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/05/30 23:13:09 | 000,620,128 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/05/30 23:13:09 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/05/30 23:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013/05/30 22:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData
[2013/05/30 22:53:20 | 000,035,104 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013/05/30 22:53:18 | 000,026,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013/05/30 22:53:17 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013/05/30 22:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013/05/30 22:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013/05/30 22:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/05/30 22:46:20 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/05/30 22:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/05/30 22:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/05/30 22:46:17 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Babylon
[2013/05/30 22:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/05/30 22:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013/05/30 22:03:04 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\QuickScan
[2013/05/30 22:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/05/30 21:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013/05/30 21:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2013/05/30 21:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/05/30 21:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/05/30 21:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/05/29 10:50:32 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\hydrobotanik
[2013/05/24 15:50:35 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\pflanzenphysio
[2013/05/22 20:07:17 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\bk
[2013/05/11 17:19:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/05/11 17:19:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/05/08 22:12:00 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\TOOL MAKROPHYTEN
[2013/05/05 22:54:09 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\foobar2000
[2013/05/05 22:54:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2013/05/05 18:29:48 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\vitality
[2009/11/05 05:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/31 01:04:26 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/31 01:04:26 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/31 00:56:44 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/31 00:54:54 | 000,427,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/31 00:54:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/31 00:53:53 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/31 00:48:04 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/31 00:38:09 | 000,654,322 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/31 00:38:09 | 000,121,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/31 00:21:28 | 000,784,900 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/31 00:20:21 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/05/31 00:20:21 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys
[2013/05/31 00:20:21 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/05/31 00:20:21 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys
[2013/05/31 00:19:12 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/05/31 00:16:27 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/30 23:55:14 | 000,061,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\twhrx.sys
[2013/05/30 23:49:27 | 000,764,746 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/30 23:30:54 | 000,001,258 | ---- | M] () -- C:\Users\xxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/05/30 23:17:12 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk
[2013/05/30 22:53:12 | 000,002,209 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013/05/30 22:53:12 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013/05/30 22:34:50 | 000,000,727 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/05/30 22:33:45 | 000,222,181 | ---- | M] () -- C:\ProgramData\1369945946.bdinstall.bin
[2013/05/30 22:07:44 | 000,481,048 | ---- | M] () -- C:\ProgramData\1369944087.bdinstall.bin
[2013/05/30 22:06:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/05/30 22:00:10 | 000,000,116 | ---- | M] () -- C:\Users\Public\Desktop\NortonIdentifySafe.url
[2013/05/29 22:09:24 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/29 22:05:08 | 000,632,031 | ---- | M] () -- C:\Users\xxx\Desktop\adwcleaner.exe
[2013/05/29 21:34:51 | 000,280,792 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/05/29 21:34:51 | 000,280,792 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/05/29 21:18:12 | 000,281,032 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/05/27 18:44:32 | 000,001,085 | ---- | M] () -- C:\Users\xxx\Desktop\Tennis Elbow 2013.lnk
[2013/05/24 13:48:51 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/05/15 11:44:09 | 000,014,022 | ---- | M] () -- C:\Windows\wininit.ini
[2013/05/14 19:03:33 | 000,000,217 | ---- | M] () -- C:\Users\Public\Desktop\Online Games.url
[2013/05/06 11:48:36 | 020,545,161 | ---- | M] () -- C:\Users\xxx\Desktop\Hammer_Bros-Sleep_Forever-EP-2010-GRAVEWISH.rar
[2013/05/06 11:27:42 | 015,325,230 | ---- | M] () -- C:\Users\xxx\Desktop\Hammer_Bros_-_ii_ep__2005_.rar
[2013/05/06 11:26:44 | 006,841,150 | ---- | M] () -- C:\Users\xxx\Desktop\Hammer_Bros_-_7____2004_.rar
[2013/05/06 11:26:10 | 019,381,669 | ---- | M] () -- C:\Users\xxx\Desktop\We Do What We Want!.rar
[2013/05/05 22:54:03 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2013/05/05 18:27:25 | 035,539,240 | ---- | M] () -- C:\Users\xxx\Desktop\The Vitality.rar
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/30 23:55:14 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\twhrx.sys
[2013/05/30 23:18:26 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk
[2013/05/30 22:53:12 | 000,002,209 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013/05/30 22:53:12 | 000,002,201 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013/05/30 22:53:12 | 000,002,189 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013/05/30 22:40:34 | 000,427,192 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/30 22:33:45 | 000,222,181 | ---- | C] () -- C:\ProgramData\1369945946.bdinstall.bin
[2013/05/30 22:07:44 | 000,481,048 | ---- | C] () -- C:\ProgramData\1369944087.bdinstall.bin
[2013/05/30 22:06:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/05/30 22:00:10 | 000,000,116 | ---- | C] () -- C:\Users\Public\Desktop\NortonIdentifySafe.url
[2013/05/14 19:03:33 | 000,000,217 | ---- | C] () -- C:\Users\Public\Desktop\Online Games.url
[2013/05/06 11:47:15 | 020,545,161 | ---- | C] () -- C:\Users\xxx\Desktop\Hammer_Bros-Sleep_Forever-EP-2010-GRAVEWISH.rar
[2013/05/06 11:26:30 | 015,325,230 | ---- | C] () -- C:\Users\xxx\Desktop\Hammer_Bros_-_ii_ep__2005_.rar
[2013/05/06 11:26:08 | 006,841,150 | ---- | C] () -- C:\Users\xxx\Desktop\Hammer_Bros_-_7____2004_.rar
[2013/05/06 11:24:51 | 019,381,669 | ---- | C] () -- C:\Users\xxx\Desktop\We Do What We Want!.rar
[2013/05/05 22:54:03 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2013/05/05 22:54:03 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2013/05/05 18:24:55 | 035,539,240 | ---- | C] () -- C:\Users\xxx\Desktop\The Vitality.rar
[2013/01/27 00:29:55 | 000,000,201 | ---- | C] () -- C:\Users\xxx\SecurityKISSTunnel.config
[2013/01/04 22:28:33 | 000,764,746 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/14 23:19:54 | 000,280,792 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/12/14 23:19:53 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/12/14 15:49:40 | 000,014,022 | ---- | C] () -- C:\Windows\wininit.ini
[2012/12/13 22:35:38 | 000,001,743 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2012/12/13 14:11:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/12/13 05:32:42 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2012/12/13 05:32:42 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2012/12/13 05:32:42 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2012/12/13 05:32:42 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/30 22:46:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Babylon
[2013/03/19 20:35:18 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Betraiser
[2013/01/05 15:58:14 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Cerberus LLC
[2013/05/30 19:43:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\foobar2000
[2013/03/05 22:55:06 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GrabPro
[2013/01/05 00:00:12 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\IObit
[2013/01/05 16:34:50 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\JDownloaderPackages
[2013/01/04 22:24:19 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\MiponyDownloadManagerPackages
[2013/05/30 23:31:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Opera
[2013/05/31 01:09:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Orbit
[2013/03/11 21:14:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PacificPoker
[2013/03/05 22:55:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ProgSense
[2013/05/30 22:03:04 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\QuickScan
[2012/12/14 15:50:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TuneUp Software
[2013/05/30 22:42:13 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\uTorrent
[2012/12/15 17:06:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:F297470E

< End of report >

Alt 31.05.2013, 12:09   #2
schrauber
/// the machine
/// TB-Ausbilder
 




Hi,

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input box)

Alt 31.05.2013, 12:42   #3
holzdan
 



AdwCleaner Logfile:
Code:
# AdwCleaner v2.301 - Logfile created 05/31/2013 at 13:41:52
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : xxx - XXX-PC
# Boot Mode : Normal
# Running from : C:\Users\xxx\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com

***** [Registry] *****

Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\Software\DataMngr

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Google Chrome v27.0.1453.94

File : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.27] : keyword = "babylon.com",
Found [l.31] : search_url = "hxxp://www.delta-search.com/?q={searchTerms}&affID=122471&tt=gc_&babsrc=SP_ss&mntrId=86D900FF781F7FCE",
Found [l.2146] : homepage = "hxxp://www.delta-search.com/?affID=122471&tt=gc_&babsrc=HP_ss&mntrId=86D900FF781F7FCE",
Found [l.2394] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=122471&tt=gc_&babsrc=HP_ss&mntrId=86D900FF781F7FCE" ]

*************************

AdwCleaner[R10].txt - [2007 octets] - [04/04/2013 21:03:50]
AdwCleaner[R11].txt - [2068 octets] - [05/04/2013 20:42:46]
AdwCleaner[R12].txt - [10722 octets] - [28/05/2013 22:53:09]
AdwCleaner[R13].txt - [2357 octets] - [29/05/2013 22:05:18]
AdwCleaner[R14].txt - [2359 octets] - [30/05/2013 21:30:30]
AdwCleaner[R15].txt - [1648 octets] - [31/05/2013 13:41:52]
AdwCleaner[R1].txt - [1902 octets] - [14/12/2012 20:14:26]
AdwCleaner[R2].txt - [1962 octets] - [14/12/2012 20:14:41]
AdwCleaner[R3].txt - [2875 octets] - [04/01/2013 22:46:48]
AdwCleaner[R4].txt - [2656 octets] - [04/01/2013 23:47:24]
AdwCleaner[R5].txt - [2716 octets] - [04/01/2013 23:47:33]
AdwCleaner[R6].txt - [10791 octets] - [06/01/2013 16:27:08]
AdwCleaner[R7].txt - [2151 octets] - [21/01/2013 18:19:42]
AdwCleaner[R8].txt - [2458 octets] - [26/03/2013 11:49:44]
AdwCleaner[R9].txt - [1947 octets] - [03/04/2013 16:24:29]
AdwCleaner[S1].txt - [2144 octets] - [14/12/2012 20:14:58]
AdwCleaner[S2].txt - [2816 octets] - [04/01/2013 23:47:39]
AdwCleaner[S3].txt - [10929 octets] - [06/01/2013 16:27:20]
AdwCleaner[S4].txt - [2235 octets] - [21/01/2013 18:19:57]
AdwCleaner[S5].txt - [2534 octets] - [26/03/2013 11:50:05]
AdwCleaner[S6].txt - [10770 octets] - [28/05/2013 22:53:29]
AdwCleaner[S7].txt - [2418 octets] - [29/05/2013 22:05:39]

########## EOF - C:\AdwCleaner[R15].txt - [2672 octets] ##########
         
--- --- ---


Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by xxx on 31.05.2013 at 13:31:39,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{621051FE-C129-2873-AF1E-0F657515E40B}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\Users\xxx\AppData\Roaming\babylon"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.05.2013 at 13:36:14,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2013 01
Ran by xxx (administrator) on 31-05-2013 13:44:16
Running from C:\Users\xxx\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Piotr Pawlowski) C:\Program Files (x86)\foobar2000\foobar2000.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
() C:\Users\xxx\Desktop\remapper\KeyRemapper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\xxx\Desktop\adwcleaner.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [KeyMapperStarup] C:\Users\xxx\Desktop\remapper\KeyRemapper.exe /background [155648 2010-11-30] ()
HKCU\...\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun [1328976 2012-04-25] (Comfort Software Group)
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-11-05] (Google Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [356376 2013-02-28] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2009-12-16] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2009-12-16] ()

==================== Internet (Whitelisted) ====================

ProxyServer: 193.17.184.49:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G 1H1B1QtDyE&cr=443540607&ir=
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G 1H1B1QtDyE&cr=443540607&ir=
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\zztp6u1e.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: geomind.it/DbMap3dFlyer - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)

Chrome:
=======
CHR HomePage: hxxp://www.delta-search.com/?affID=122471&tt=gc_&babsrc=HP_ss&mntrId=86D900FF781F7FCE
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?affID=122471&tt=gc_&babsrc=HP_ss&mntrId=86D900FF781F7FCE"
CHR DefaultSearchURL: (Delta Search) - hxxp://www.delta-search.com/?q={searchTerms}&affID=122471&tt=gc_&babsrc=SP_ss&mntrId=86D900FF781F7FCE
CHR DefaultSuggestURL: (Delta Search) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DbMap3dFlyer) - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Advanced SystemCare 6 Opera Plugin) - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Extension: (Kaspersky URL Advisor) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: (Socksharedownloader) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.0_0

==================== Services (Whitelisted) =================

S4 AcuWVSSchedulerv8; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [1004216 2012-12-13] ()
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356376 2013-02-28] (Kaspersky Lab ZAO)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
S4 Cerberus FTP Server; C:\Program Files\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe [9115064 2012-12-27] (Cerberus, LLC)
S4 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-12-16] ()
S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-05-31] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2013-02-28] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2013-02-28] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55056 2013-05-31] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-31] (Kaspersky Lab ZAO)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S0 bibk; system32\drivers\twhrx.sys [x]
S0 flizp; system32\drivers\rfdzf.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-31 13:44 - 2013-05-31 13:44 - 00000000 ____D C:\FRST
2013-05-31 13:43 - 2013-05-31 13:43 - 01915980 ____A (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2013-05-31 13:41 - 2013-05-31 13:41 - 00002742 ____A C:\AdwCleaner[R15].txt
2013-05-31 13:36 - 2013-05-31 13:36 - 00001966 ____A C:\Users\xxx\Desktop\JRT.txt
2013-05-31 13:31 - 2013-05-31 13:31 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\xxx\Downloads\JRT.exe
2013-05-31 13:31 - 2013-05-31 13:31 - 00000000 ____D C:\Windows\ERUNT
2013-05-31 13:31 - 2013-05-31 13:31 - 00000000 ____D C:\JRT
2013-05-31 11:15 - 2013-05-31 11:15 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 11:14 - 2013-05-31 11:14 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:11 - 2013-05-31 11:18 - 00007827 ____A C:\Windows\IE10_main.log
2013-05-31 01:12 - 2013-05-31 01:12 - 00061440 ____A C:\Windows\SysWOW64\Drivers\rfdzf.sys
2013-05-31 01:12 - 2013-05-31 01:12 - 00000050 ____A C:\mhtwlnht.txt
2013-05-31 00:22 - 2013-05-31 00:22 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Downloads\OTL.exe
2013-05-31 00:18 - 2013-05-31 00:38 - 00000000 ____D C:\3673823e69bbcab4d05efa266a2fb7
2013-05-30 23:55 - 2013-05-30 23:55 - 00061440 ____A C:\Windows\SysWOW64\Drivers\twhrx.sys
2013-05-30 23:55 - 2013-05-30 23:55 - 00000050 ____A C:\Program Files (x86)\cdgjx.txt
2013-05-30 23:50 - 2013-05-30 23:50 - 00000000 ____D C:\Users\xxx\Desktop\RK_Quarantine
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-30 23:22 - 2013-04-10 08:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-30 23:22 - 2013-04-10 08:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-30 23:22 - 2012-11-20 07:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-05-30 23:22 - 2012-11-20 06:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-05-30 23:22 - 2012-11-01 07:43 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-05-30 23:22 - 2012-11-01 07:43 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-05-30 23:22 - 2012-11-01 06:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-05-30 23:22 - 2012-11-01 06:47 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-05-30 23:22 - 2011-02-03 13:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-30 23:20 - 2013-02-27 08:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-30 23:20 - 2013-02-27 07:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-30 23:20 - 2013-02-27 07:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-30 23:20 - 2013-02-27 07:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-30 23:20 - 2013-02-27 07:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-30 23:20 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-30 23:20 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-30 23:20 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-30 23:20 - 2013-01-04 07:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-05-30 23:20 - 2013-01-04 06:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-05-30 23:20 - 2013-01-04 04:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-05-30 23:20 - 2013-01-04 04:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-05-30 23:20 - 2013-01-04 04:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-05-30 23:20 - 2013-01-04 04:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-05-30 23:19 - 2013-01-03 08:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-30 23:19 - 2013-01-03 08:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-05-30 23:18 - 2013-05-30 23:17 - 00001115 ____A C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk
2013-05-30 23:18 - 2013-04-12 16:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-30 23:18 - 2013-04-10 05:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-30 23:18 - 2013-02-12 06:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-30 23:18 - 2012-11-23 05:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-05-30 23:17 - 2013-02-28 16:46 - 00064856 ____A (Kaspersky Lab) C:\Windows\System32\klfphc.dll
2013-05-30 23:17 - 2012-11-09 07:45 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-05-30 23:17 - 2012-11-09 06:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-05-30 23:16 - 2013-03-19 08:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-30 23:16 - 2013-03-19 07:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-05-30 23:16 - 2013-03-19 07:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-05-30 23:16 - 2013-03-19 07:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-05-30 23:16 - 2013-03-19 06:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-05-30 23:16 - 2013-03-19 05:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-05-30 23:14 - 2013-05-31 12:44 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-05-30 23:14 - 2013-05-30 23:14 - 00000000 ____D C:\Windows\ELAMBKUP
2013-05-30 23:14 - 2013-05-30 23:14 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-05-30 23:13 - 2013-05-31 00:20 - 00620128 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klif.sys
2013-05-30 23:13 - 2013-05-31 00:20 - 00090208 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klflt.sys
2013-05-30 23:09 - 2013-05-30 23:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2013-05-30 22:57 - 2013-05-30 22:57 - 00000000 ____D C:\ProgramData\WRData
2013-05-30 22:53 - 2013-05-30 22:53 - 00002209 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-05-30 22:53 - 2013-05-30 22:53 - 00002189 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-05-30 22:53 - 2013-01-28 14:19 - 00035104 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-05-30 22:53 - 2013-01-28 14:19 - 00026400 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-05-30 22:53 - 2013-01-28 14:19 - 00021792 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-05-30 22:52 - 2013-05-30 22:53 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-05-30 22:51 - 2013-05-30 22:52 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-30 22:46 - 2013-05-30 22:46 - 00000000 ____D C:\Program Files\Unlocker
2013-05-30 22:40 - 2013-05-31 00:54 - 00427192 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-30 22:40 - 2013-05-31 00:50 - 00681754 ____A C:\Windows\PFRO.log
2013-05-30 22:34 - 2013-05-30 22:34 - 00000727 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2013-05-30 22:33 - 2013-05-30 22:33 - 00222181 ____A C:\ProgramData\1369945946.bdinstall.bin
2013-05-30 22:17 - 2013-05-30 22:17 - 28211040 ____A (TuneUp Software) C:\Users\xxx\Downloads\TuneUpUtilities2013_3020de-DE.exe
2013-05-30 22:08 - 2013-05-30 23:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-30 22:07 - 2013-05-30 22:07 - 00481048 ____A C:\ProgramData\1369944087.bdinstall.bin
2013-05-30 22:06 - 2013-05-31 11:53 - 00000691 ____A C:\Windows\setupact.log
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____D C:\ProgramData\BDLogging
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____A C:\Windows\setuperr.log
2013-05-30 22:06 - 2007-04-11 11:11 - 00511328 ____A (Microsoft Corporation) C:\Windows\capicom.dll
2013-05-30 22:03 - 2013-05-30 22:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\QuickScan
2013-05-30 22:01 - 2013-05-30 22:40 - 00000000 ____D C:\Program Files\Bitdefender
2013-05-30 22:00 - 2013-05-30 22:00 - 00000116 ____A C:\Users\Public\Desktop\NortonIdentifySafe.url
2013-05-30 21:59 - 2013-05-30 22:33 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-05-30 21:58 - 2013-05-30 21:58 - 02451720 ____A C:\Users\xxx\Downloads\bitdefender_antivirus.exe
2013-05-30 21:55 - 2013-05-30 21:55 - 00111288 ____A C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 21:31 - 2013-05-30 22:40 - 00000000 ____D C:\ProgramData\Norton
2013-05-30 21:30 - 2013-05-30 21:30 - 00002359 ____A C:\AdwCleaner[R14].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002418 ____A C:\AdwCleaner[S7].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002357 ____A C:\AdwCleaner[R13].txt
2013-05-29 10:50 - 2013-05-29 20:50 - 00000000 ____D C:\Users\xxx\Desktop\hydrobotanik
2013-05-28 22:53 - 2013-05-28 22:53 - 00010770 ____A C:\AdwCleaner[S6].txt
2013-05-28 22:53 - 2013-05-28 22:53 - 00010722 ____A C:\AdwCleaner[R12].txt
2013-05-24 15:50 - 2013-05-24 15:50 - 00000000 ____D C:\Users\xxx\Desktop\pflanzenphysio
2013-05-22 20:07 - 2013-05-24 15:57 - 00000000 ____D C:\Users\xxx\Desktop\bk
2013-05-14 19:06 - 2013-05-14 19:10 - 273098621 ____A C:\Users\xxx\Downloads\Next.Door.German.2005.DVDRiP.XviD-FmE.avi
2013-05-14 19:03 - 2013-05-14 19:03 - 00000217 ____A C:\Users\Public\Desktop\Online Games.url
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-05-09 16:51 - 2013-05-11 17:17 - 00012353 ____A C:\Users\xxx\Desktop\Mappe1.xlsx
2013-05-08 22:12 - 2013-05-08 22:12 - 00000000 ____D C:\Users\xxx\Desktop\TOOL MAKROPHYTEN
2013-05-06 11:47 - 2013-05-06 11:48 - 20545161 ____A C:\Users\xxx\Desktop\Hammer_Bros-Sleep_Forever-EP-2010-GRAVEWISH.rar
2013-05-06 11:26 - 2013-05-06 11:27 - 15325230 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_ii_ep__2005_.rar
2013-05-06 11:26 - 2013-05-06 11:26 - 06841150 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_7____2004_.rar
2013-05-06 11:24 - 2013-05-06 11:26 - 19381669 ____A C:\Users\xxx\Desktop\We Do What We Want!.rar
2013-05-05 22:54 - 2013-05-31 12:12 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2013-05-05 22:54 - 2013-05-05 22:54 - 00001031 ____A C:\Users\Public\Desktop\foobar2000.lnk
2013-05-05 22:54 - 2013-05-05 22:54 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-05-05 18:29 - 2013-05-06 11:54 - 00000000 ____D C:\Users\xxx\Desktop\vitality
2013-05-05 18:24 - 2013-05-05 18:27 - 35539240 ____A C:\Users\xxx\Desktop\The Vitality.rar

==================== One Month Modified Files and Folders =======

2013-05-31 13:44 - 2013-05-31 13:44 - 00000000 ____D C:\FRST
2013-05-31 13:43 - 2013-05-31 13:43 - 01915980 ____A (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2013-05-31 13:41 - 2013-05-31 13:41 - 00002742 ____A C:\AdwCleaner[R15].txt
2013-05-31 13:37 - 2012-12-13 05:32 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2013-05-31 13:36 - 2013-05-31 13:36 - 00001966 ____A C:\Users\xxx\Desktop\JRT.txt
2013-05-31 13:31 - 2013-05-31 13:31 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\xxx\Downloads\JRT.exe
2013-05-31 13:31 - 2013-05-31 13:31 - 00000000 ____D C:\Windows\ERUNT
2013-05-31 13:31 - 2013-05-31 13:31 - 00000000 ____D C:\JRT
2013-05-31 13:16 - 2012-12-14 04:35 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-31 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-05-31 12:48 - 2012-12-13 15:29 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-31 12:44 - 2013-05-30 23:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-05-31 12:18 - 2012-12-13 19:12 - 00000000 ____D C:\Users\xxx\AppData\Local\Windows Live
2013-05-31 12:17 - 2012-12-13 23:06 - 01803412 ____A C:\Windows\WindowsUpdate.log
2013-05-31 12:17 - 2009-11-05 05:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-31 12:12 - 2013-05-05 22:54 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2013-05-31 12:02 - 2009-07-14 06:45 - 00017600 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-31 12:02 - 2009-07-14 06:45 - 00017600 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-31 11:53 - 2013-05-30 22:06 - 00000691 ____A C:\Windows\setupact.log
2013-05-31 11:53 - 2012-12-13 15:29 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-31 11:53 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-31 11:52 - 2012-12-14 13:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-05-31 11:40 - 2009-07-27 22:41 - 00000000 ____D C:\Windows\Panther
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-31 11:18 - 2013-05-31 11:11 - 00007827 ____A C:\Windows\IE10_main.log
2013-05-31 11:15 - 2013-05-31 11:15 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 11:14 - 2013-05-31 11:14 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:08 - 2013-03-05 22:54 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Orbit
2013-05-31 11:08 - 2012-12-15 16:21 - 00000000 ____D C:\Users\xxx\AppData\Local\Adobe
2013-05-31 11:01 - 2012-12-13 05:31 - 00000000 ____D C:\ProgramData\Skype
2013-05-31 01:36 - 2013-01-04 22:28 - 00777350 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-31 01:36 - 2009-07-14 07:13 - 00777350 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-31 01:24 - 2009-07-14 04:34 - 00000510 ____A C:\Windows\win.ini
2013-05-31 01:12 - 2013-05-31 01:12 - 00061440 ____A C:\Windows\SysWOW64\Drivers\rfdzf.sys
2013-05-31 01:12 - 2013-05-31 01:12 - 00000050 ____A C:\mhtwlnht.txt
2013-05-31 00:54 - 2013-05-30 22:40 - 00427192 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-31 00:50 - 2013-05-30 22:40 - 00681754 ____A C:\Windows\PFRO.log
2013-05-31 00:50 - 2013-01-05 16:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-05-31 00:38 - 2013-05-31 00:18 - 00000000 ____D C:\3673823e69bbcab4d05efa266a2fb7
2013-05-31 00:22 - 2013-05-31 00:22 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Downloads\OTL.exe
2013-05-31 00:20 - 2013-05-30 23:13 - 00620128 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klif.sys
2013-05-31 00:20 - 2013-05-30 23:13 - 00090208 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klflt.sys
2013-05-31 00:20 - 2013-02-28 16:46 - 00055056 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kltdi.sys
2013-05-31 00:20 - 2012-08-13 16:49 - 00178448 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kneps.sys
2013-05-31 00:19 - 2012-12-13 05:31 - 00002517 ____A C:\Users\Public\Desktop\Skype.lnk
2013-05-30 23:55 - 2013-05-30 23:55 - 00061440 ____A C:\Windows\SysWOW64\Drivers\twhrx.sys
2013-05-30 23:55 - 2013-05-30 23:55 - 00000050 ____A C:\Program Files (x86)\cdgjx.txt
2013-05-30 23:50 - 2013-05-30 23:50 - 00000000 ____D C:\Users\xxx\Desktop\RK_Quarantine
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Opera
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Users\xxx\AppData\Local\Opera
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Program Files (x86)\Opera
2013-05-30 23:29 - 2013-05-30 22:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-30 23:26 - 2013-01-05 16:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-30 23:17 - 2013-05-30 23:18 - 00001115 ____A C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk
2013-05-30 23:14 - 2013-05-30 23:14 - 00000000 ____D C:\Windows\ELAMBKUP
2013-05-30 23:14 - 2013-05-30 23:14 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-05-30 23:09 - 2013-05-30 23:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2013-05-30 22:58 - 2012-12-14 13:36 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-05-30 22:58 - 2012-12-13 06:03 - 00000000 ____D C:\Users\xxx\AppData\Local\Microsoft Help
2013-05-30 22:57 - 2013-05-30 22:57 - 00000000 ____D C:\ProgramData\WRData
2013-05-30 22:53 - 2013-05-30 22:53 - 00002209 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-05-30 22:53 - 2013-05-30 22:53 - 00002189 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-05-30 22:53 - 2013-05-30 22:52 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-05-30 22:52 - 2013-05-30 22:51 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-30 22:46 - 2013-05-30 22:46 - 00000000 ____D C:\Program Files\Unlocker
2013-05-30 22:42 - 2013-01-08 19:23 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent
2013-05-30 22:40 - 2013-05-30 22:01 - 00000000 ____D C:\Program Files\Bitdefender
2013-05-30 22:40 - 2013-05-30 21:31 - 00000000 ____D C:\ProgramData\Norton
2013-05-30 22:34 - 2013-05-30 22:34 - 00000727 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2013-05-30 22:33 - 2013-05-30 22:33 - 00222181 ____A C:\ProgramData\1369945946.bdinstall.bin
2013-05-30 22:33 - 2013-05-30 21:59 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-05-30 22:17 - 2013-05-30 22:17 - 28211040 ____A (TuneUp Software) C:\Users\xxx\Downloads\TuneUpUtilities2013_3020de-DE.exe
2013-05-30 22:07 - 2013-05-30 22:07 - 00481048 ____A C:\ProgramData\1369944087.bdinstall.bin
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____D C:\ProgramData\BDLogging
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____A C:\Windows\setuperr.log
2013-05-30 22:03 - 2013-05-30 22:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\QuickScan
2013-05-30 22:00 - 2013-05-30 22:00 - 00000116 ____A C:\Users\Public\Desktop\NortonIdentifySafe.url
2013-05-30 21:58 - 2013-05-30 21:58 - 02451720 ____A C:\Users\xxx\Downloads\bitdefender_antivirus.exe
2013-05-30 21:56 - 2012-12-14 04:35 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-30 21:56 - 2012-12-14 04:35 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-30 21:55 - 2013-05-30 21:55 - 00111288 ____A C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 21:30 - 2013-05-30 21:30 - 00002359 ____A C:\AdwCleaner[R14].txt
2013-05-30 21:23 - 2013-03-19 19:21 - 00000000 ____D C:\Program Files (x86)\Tennis Elbow 2013
2013-05-29 22:09 - 2013-04-03 18:19 - 00000826 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-05-29 22:09 - 2013-04-03 18:19 - 00000000 ____D C:\Program Files\CCleaner
2013-05-29 22:08 - 2012-12-14 20:04 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-29 22:05 - 2013-05-29 22:05 - 00002418 ____A C:\AdwCleaner[S7].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002357 ____A C:\AdwCleaner[R13].txt
2013-05-29 22:05 - 2013-04-04 21:03 - 00632031 ____A C:\Users\xxx\Desktop\adwcleaner.exe
2013-05-29 21:34 - 2012-12-14 23:24 - 00280792 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-05-29 21:34 - 2012-12-14 23:19 - 00280792 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-05-29 21:18 - 2012-12-14 23:19 - 00281032 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-05-29 20:50 - 2013-05-29 10:50 - 00000000 ____D C:\Users\xxx\Desktop\hydrobotanik
2013-05-28 22:53 - 2013-05-28 22:53 - 00010770 ____A C:\AdwCleaner[S6].txt
2013-05-28 22:53 - 2013-05-28 22:53 - 00010722 ____A C:\AdwCleaner[R12].txt
2013-05-27 18:44 - 2013-03-19 19:21 - 00001085 ____A C:\Users\xxx\Desktop\Tennis Elbow 2013.lnk
2013-05-24 15:57 - 2013-05-22 20:07 - 00000000 ____D C:\Users\xxx\Desktop\bk
2013-05-24 15:50 - 2013-05-24 15:50 - 00000000 ____D C:\Users\xxx\Desktop\pflanzenphysio
2013-05-24 13:48 - 2013-03-07 15:00 - 00002187 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-05-21 15:10 - 2009-11-05 02:38 - 00000000 ____D C:\ProgramData\Adobe
2013-05-15 11:44 - 2012-12-14 15:49 - 00014022 ____A C:\Windows\wininit.ini
2013-05-14 20:56 - 2013-03-25 19:32 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2013-05-14 19:10 - 2013-05-14 19:06 - 273098621 ____A C:\Users\xxx\Downloads\Next.Door.German.2005.DVDRiP.XviD-FmE.avi
2013-05-14 19:03 - 2013-05-14 19:03 - 00000217 ____A C:\Users\Public\Desktop\Online Games.url
2013-05-13 10:58 - 2012-12-13 16:15 - 00000000 ____D C:\Windows\Minidump
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-05-11 17:17 - 2013-05-09 16:51 - 00012353 ____A C:\Users\xxx\Desktop\Mappe1.xlsx
2013-05-08 22:12 - 2013-05-08 22:12 - 00000000 ____D C:\Users\xxx\Desktop\TOOL MAKROPHYTEN
2013-05-07 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-05-06 11:54 - 2013-05-05 18:29 - 00000000 ____D C:\Users\xxx\Desktop\vitality
2013-05-06 11:48 - 2013-05-06 11:47 - 20545161 ____A C:\Users\xxx\Desktop\Hammer_Bros-Sleep_Forever-EP-2010-GRAVEWISH.rar
2013-05-06 11:27 - 2013-05-06 11:26 - 15325230 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_ii_ep__2005_.rar
2013-05-06 11:26 - 2013-05-06 11:26 - 06841150 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_7____2004_.rar
2013-05-06 11:26 - 2013-05-06 11:24 - 19381669 ____A C:\Users\xxx\Desktop\We Do What We Want!.rar
2013-05-05 22:54 - 2013-05-05 22:54 - 00001031 ____A C:\Users\Public\Desktop\foobar2000.lnk
2013-05-05 22:54 - 2013-05-05 22:54 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-05-05 18:27 - 2013-05-05 18:24 - 35539240 ____A C:\Users\xxx\Desktop\The Vitality.rar
2013-05-03 16:15 - 2012-12-13 19:04 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-02 02:06 - 2012-12-21 00:05 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

Other Malware:
===========
C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-24 00:42

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2013 01
Ran by xxx at 2013-05-31 13:45:28 Run:
Running from C:\Users\xxx\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (Version: 3.2.3.28705)
888poker
Acer Arcade Deluxe (Version: 3.0.7112)
Acer Backup Manager (Version: 2.0.0.29)
Acer Crystal Eye Webcam (Version: 5.2.9.3)
Acer ePower Management (Version: 4.05.3004)
Acer eRecovery Management (Version: 4.05.3005)
Acer GameZone Console (Version: 5.1.0.2)
Acer GridVista (Version: 3.01.0730)
Acer Registration (Version: 1.02.3006)
Acer ScreenSaver (Version: 1.1.2009.1217)
Acer Updater (Version: 1.01.3017)
Acer VCM (Version: 4.05.3000)
Acrobat.com (Version: 1.6.65)
Acunetix Web Vulnerability Scanner 8.0 (Version: 8.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
Adware . Casino Client Removal Tool (Version: 1.0)
Alcor Micro USB Card Reader (Version: 1.4.17.35005)
Alice Greenfingers
Amazonia
ATI Catalyst Install Manager (Version: 3.0.754.0)
AutoHotkey 1.1.09.00 (Version: 1.1.09.00)
Backup Manager Basic (Version: 2.0.0.29)
BMW M3 Challenge (Version: BMW M3 Challenge v1.0.0.0)
Broadcom Gigabit NetLink Controller (Version: 12.33.03)
Canon MG5100 series MP Drivers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full Existing (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full New (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Light (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Previews Vista (Version: 2009.1209.2335.42329)
Catalyst Control Center InstallProxy (Version: 2009.1209.2335.42329)
Catalyst Control Center Localization All (Version: 2009.1209.2335.42329)
CCC Help Chinese Standard (Version: 2009.1209.2334.42329)
CCC Help Chinese Traditional (Version: 2009.1209.2334.42329)
CCC Help Czech (Version: 2009.1209.2334.42329)
CCC Help Danish (Version: 2009.1209.2334.42329)
CCC Help Dutch (Version: 2009.1209.2334.42329)
CCC Help English (Version: 2009.1209.2334.42329)
CCC Help Finnish (Version: 2009.1209.2334.42329)
CCC Help French (Version: 2009.1209.2334.42329)
CCC Help German (Version: 2009.1209.2334.42329)
CCC Help Greek (Version: 2009.1209.2334.42329)
CCC Help Hungarian (Version: 2009.1209.2334.42329)
CCC Help Italian (Version: 2009.1209.2334.42329)
CCC Help Japanese (Version: 2009.1209.2334.42329)
CCC Help Korean (Version: 2009.1209.2334.42329)
CCC Help Norwegian (Version: 2009.1209.2334.42329)
CCC Help Polish (Version: 2009.1209.2334.42329)
CCC Help Portuguese (Version: 2009.1209.2334.42329)
CCC Help Russian (Version: 2009.1209.2334.42329)
CCC Help Spanish (Version: 2009.1209.2334.42329)
CCC Help Swedish (Version: 2009.1209.2334.42329)
CCC Help Thai (Version: 2009.1209.2334.42329)
CCC Help Turkish (Version: 2009.1209.2334.42329)
ccc-core-static (Version: 2009.1209.2335.42329)
ccc-utility64 (Version: 2009.1209.2335.42329)
CCleaner (Version: 4.02)
Cerberus FTP Server (Version: 5.0.64)
Chicken Invaders 2
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dairy Dash
DbMAP 3D Flyer Plugin v.2.1.7r2 (Version: 2.1.7r2)
Dream Day First Home
eBay Worldwide (Version: 2.1.0901)
eMule (Version: 0.50a)
eSobi v2 (Version: 2.0.4.000274)
Farm Frenzy 2
First Class Flurry
foobar2000 v1.2.6 (Version: 1.2.6)
Fotogalerie (Version: 16.4.3505.0912)
Free Alarm Clock 2.7.0 (Version: 2.7)
Game Booster 3 (Version: 3.4)
GameBoost (Version: 1.1.14.2013)
Google Chrome (Version: 27.0.1453.94)
Google Earth (Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
Granny In Paradise
Heroes of Hellas
Identity Card (Version: 1.00.3003)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Intel(R) Turbo Boost Technology Driver (Version: 01.00.01.1002)
Intel® Matrix Storage Manager
JDownloader Packages
Junk Mail filter update (Version: 16.4.3505.0912)
Kaspersky Anti-Virus 2013 (Version: 13.0.1.4190)
KeyTweak - Keyboard Remapper (remove only)
Launch Manager (Version: 3.0.05)
Merriam Websters Spell Jam
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Keyboard Layout Creator 1.4 (Version: 1.4.6000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (Version: 12.0.6612.1000)
Microsoft Office O MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office X MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MiPony 2.0.2 (Version: 2.0.2)
Mipony Download Manager Packages
Movie Maker (Version: 16.4.3505.0912)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.76.0)
Norton Online Backup (Version: 1.2.0.36)
Nsauditor 2.5.9
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6623)
Orbit Downloader
Photo Gallery (Version: 16.4.3505.0912)
Poker
Poker 770
PunkBuster Services (Version: 0.992)
Realtek High Definition Audio Driver (Version: 6.0.1.5969)
Red Orchestra 2: Heroes of Stalingrad
SecurityKISS Tunnel v0.3.0
SharpKeys (Version: 3.5.0000)
Skype™ 6.3 (Version: 6.3.107)
SmartFTP Client (Version: 4.1.1313.0)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
Teleport Pro (Version: 1.68)
Tennis Elbow 2013 1.0a (Version: 1.0a)
Titan Poker
TuneUp Utilities 2013 (Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6)
Unlocker 1.9.2 (Version: 1.9.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.5 (Version: 2.0.5)
Welcome Center (Version: 1.00.3008)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Winner Poker
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points =========================

30-05-2013 23:21:52 Windows Update
31-05-2013 09:11:06 Windows Update
31-05-2013 10:02:38 Windows Defender Checkpoint
31-05-2013 10:12:30 Windows Update

==================== Hosts content: ==========================


127.0.0.1 www.SMARTTERRA.EU
127.0.0.1 localhost
127.0.0.1 order.tune-up.com
127.0.0.1 tune-up.com
127.0.0.1 tune-up.com/order
127.0.0.1 registertuneup.com
127.0.0.1 download.tune-up.de
127.0.0.1 download.tune-up.com
127.0.0.1 secure.tune-up.com
127.0.0.1 localhost
127.0.0.1 tuneup.de
127.0.0.1 swi.tune-up.com
127.0.0.1 SMARTTERRA.EU
127.0.0.1 www.order.tune-up.com
127.0.0.1 www.tune-up.com
127.0.0.1 www.tune-up.com/order
127.0.0.1 www.registertuneup.com
127.0.0.1 www.download.tune-up.de
127.0.0.1 hxxp://www.download.tune-up.com...une-up.com
127.0.0.1 www.secure.tune-up.com

There are more than 3 lines starting with "127.0.0.1"


==================== Faulty Device Manager Devices =============

Name: Video WebCam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-05-31 02:29:53.650
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-05-31 02:29:53.648
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-05-31 02:29:53.646
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-05-31 02:29:53.627
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-05-31 02:29:53.625
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-05-31 02:29:53.622
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-04 22:01:29.498
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-01-04 22:01:29.447
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 56%
Total physical RAM: 3956.5 MB
Available physical RAM: 1702.98 MB
Total Pagefile: 7911.18 MB
Available Pagefile: 5739.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:463.16 GB) (Free:389.05 GB) NTFS (Disk=0 Partition=3) ==>[Drive with boot components (obtained from BCD)]
Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS (Disk=0 Partition=2)
Drive f: () (Removable) (Total:0.48 GB) (Free:0.47 GB) FAT (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: F86FF86F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=463 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 GB) - (Type=05)

========================================================
Disk: 1 (Size: 489 MB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=488 MB) - (Type=06)

==================== End Of Log ============================
__________________

31.05.2013, 12:48   #4
schrauber
/// the machine
/// TB trainer
 




You only had AdwCleaner scan, not delete. Please do that now, then run a fresh scan with FRST. Please post the logs in code tags.


Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

31.05.2013, 13:02   #5
holzdan
 



RIGHT, SORRY, MY MISTAKE


AdwCleaner Logfile:
Code:
# AdwCleaner v2.301 - Logfile created 05/31/2013 at 13:47:40
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : xxx - XXX-PC
# Boot Mode : Normal
# Running from : C:\Users\xxx\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com

***** [Registry] *****

Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\Software\DataMngr

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Google Chrome v27.0.1453.94

File : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.27] : keyword = "babylon.com",
Deleted [l.31] : search_url = "hxxp://www.delta-search.com/?q={searchTerms}&affID=122471&tt=gc_&babsrc=SP_ss&m[...]
Deleted [l.2146] : homepage = "hxxp://www.delta-search.com/?affID=122471&tt=gc_&babsrc=HP_ss&mntrId=86D900FF781F7FC[...]
Deleted [l.2394] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=122471&tt=gc_&babsrc=HP_ss[...]

*************************

AdwCleaner[R10].txt - [2007 octets] - [04/04/2013 21:03:50]
AdwCleaner[R11].txt - [2068 octets] - [05/04/2013 20:42:46]
AdwCleaner[R12].txt - [10722 octets] - [28/05/2013 22:53:09]
AdwCleaner[R13].txt - [2357 octets] - [29/05/2013 22:05:18]
AdwCleaner[R14].txt - [2359 octets] - [30/05/2013 21:30:30]
AdwCleaner[R15].txt - [2742 octets] - [31/05/2013 13:41:52]
AdwCleaner[R1].txt - [1902 octets] - [14/12/2012 20:14:26]
AdwCleaner[R2].txt - [1962 octets] - [14/12/2012 20:14:41]
AdwCleaner[R3].txt - [2875 octets] - [04/01/2013 22:46:48]
AdwCleaner[R4].txt - [2656 octets] - [04/01/2013 23:47:24]
AdwCleaner[R5].txt - [2716 octets] - [04/01/2013 23:47:33]
AdwCleaner[R6].txt - [10791 octets] - [06/01/2013 16:27:08]
AdwCleaner[R7].txt - [2151 octets] - [21/01/2013 18:19:42]
AdwCleaner[R8].txt - [2458 octets] - [26/03/2013 11:49:44]
AdwCleaner[R9].txt - [1947 octets] - [03/04/2013 16:24:29]
AdwCleaner[S1].txt - [2144 octets] - [14/12/2012 20:14:58]
AdwCleaner[S2].txt - [2816 octets] - [04/01/2013 23:47:39]
AdwCleaner[S3].txt - [10929 octets] - [06/01/2013 16:27:20]
AdwCleaner[S4].txt - [2235 octets] - [21/01/2013 18:19:57]
AdwCleaner[S5].txt - [2534 octets] - [26/03/2013 11:50:05]
AdwCleaner[S6].txt - [10770 octets] - [28/05/2013 22:53:29]
AdwCleaner[S7].txt - [2418 octets] - [29/05/2013 22:05:39]
AdwCleaner[S8].txt - [2651 octets] - [31/05/2013 13:47:40]

########## EOF - C:\AdwCleaner[S8].txt - [2711 octets] ##########
         

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by xxx on 31.05.2013 at 13:53:49,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.05.2013 at 13:58:27,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2013 01
Ran by xxx (administrator) on 31-05-2013 14:04:19
Running from C:\Users\xxx\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Windows\system32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
() C:\Users\xxx\Desktop\remapper\KeyRemapper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Microsoft Corporation) C:\Windows\system32\osk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [KeyMapperStarup] C:\Users\xxx\Desktop\remapper\KeyRemapper.exe  /background [155648 2010-11-30] ()
HKCU\...\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun [1328976 2012-04-25] (Comfort Software Group)
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-11-05] (Google Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [356376 2013-02-28] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2009-12-16] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2009-12-16] ()

==================== Internet (Whitelisted) ====================

ProxyServer: 193.17.184.49:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=443540607&ir=
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=443540607&ir=
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\zztp6u1e.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: geomind.it/DbMap3dFlyer - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)

Chrome: 
=======
CHR DefaultSearchURL: (Delta Search) - hxxp://www.delta-search.com/?q={searchTerms}&affID=122471&tt=gc_&babsrc=SP_ss&mntrId=86D900FF781F7FCE
CHR DefaultSuggestURL: (Delta Search) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DbMap3dFlyer) - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
CHR Extension: (Kaspersky URL Advisor) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: (Socksharedownloader) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.0_0

==================== Services (Whitelisted) =================

S4 AcuWVSSchedulerv8; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [1004216 2012-12-13] ()
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356376 2013-02-28] (Kaspersky Lab ZAO)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
S4 Cerberus FTP Server; C:\Program Files\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe [9115064 2012-12-27] (Cerberus, LLC)
S4 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-12-16] ()
S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-05-31] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2013-02-28] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2013-02-28] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55056 2013-05-31] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-31] (Kaspersky Lab ZAO)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S0 bibk; system32\drivers\twhrx.sys [x]
S0 flizp; system32\drivers\rfdzf.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-31 13:58 - 2013-05-31 13:58 - 00000623 ____A C:\Users\xxx\Desktop\JRT.txt
2013-05-31 13:47 - 2013-05-31 13:47 - 00002780 ____A C:\AdwCleaner[S8].txt
2013-05-31 13:45 - 2013-05-31 13:45 - 00018295 ____A C:\Users\xxx\Downloads\Addition.txt
2013-05-31 13:44 - 2013-05-31 13:44 - 00000000 ____D C:\FRST
2013-05-31 13:43 - 2013-05-31 13:43 - 01915980 ____A (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2013-05-31 13:41 - 2013-05-31 13:41 - 00002742 ____A C:\AdwCleaner[R15].txt
2013-05-31 13:31 - 2013-05-31 13:53 - 00000000 ____D C:\JRT
2013-05-31 13:31 - 2013-05-31 13:31 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\xxx\Downloads\JRT.exe
2013-05-31 13:31 - 2013-05-31 13:31 - 00000000 ____D C:\Windows\ERUNT
2013-05-31 12:12 - 2013-03-19 07:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-31 12:12 - 2013-03-19 07:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-31 12:12 - 2012-11-22 07:44 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-05-31 12:12 - 2012-11-22 06:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-05-31 12:11 - 2012-12-07 15:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-05-31 12:11 - 2012-12-07 15:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-05-31 12:11 - 2012-12-07 14:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-05-31 12:11 - 2012-12-07 14:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-05-31 12:11 - 2012-12-07 13:20 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-05-31 12:10 - 2012-11-30 07:45 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-05-31 12:10 - 2012-11-30 07:45 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-05-31 12:10 - 2012-11-30 07:45 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-05-31 12:10 - 2012-11-30 07:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-05-31 12:10 - 2012-11-30 07:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-31 12:10 - 2012-11-30 07:41 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:53 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-05-31 12:10 - 2012-11-30 06:53 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 05:23 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-31 12:10 - 2012-11-30 04:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 04:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 04:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 04:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 01:17 - 00420064 ____A C:\Windows\SysWOW64\locale.nls
2013-05-31 12:10 - 2012-11-30 01:15 - 00420064 ____A C:\Windows\System32\locale.nls
2013-05-31 12:06 - 2013-01-24 08:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-05-31 11:15 - 2013-05-31 11:15 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 11:14 - 2013-05-31 11:14 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:11 - 2013-05-31 11:18 - 00007827 ____A C:\Windows\IE10_main.log
2013-05-31 01:12 - 2013-05-31 01:12 - 00061440 ____A C:\Windows\SysWOW64\Drivers\rfdzf.sys
2013-05-31 01:12 - 2013-05-31 01:12 - 00000050 ____A C:\mhtwlnht.txt
2013-05-31 00:22 - 2013-05-31 00:22 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Downloads\OTL.exe
2013-05-31 00:18 - 2013-05-31 00:38 - 00000000 ____D C:\3673823e69bbcab4d05efa266a2fb7
2013-05-30 23:55 - 2013-05-30 23:55 - 00061440 ____A C:\Windows\SysWOW64\Drivers\twhrx.sys
2013-05-30 23:55 - 2013-05-30 23:55 - 00000050 ____A C:\Program Files (x86)\cdgjx.txt
2013-05-30 23:50 - 2013-05-30 23:50 - 00000000 ____D C:\Users\xxx\Desktop\RK_Quarantine
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-30 23:22 - 2013-04-10 08:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-30 23:22 - 2013-04-10 08:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-30 23:22 - 2012-11-20 07:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-05-30 23:22 - 2012-11-20 06:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-05-30 23:22 - 2012-11-01 07:43 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-05-30 23:22 - 2012-11-01 07:43 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-05-30 23:22 - 2012-11-01 06:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-05-30 23:22 - 2012-11-01 06:47 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-05-30 23:22 - 2011-02-03 13:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-30 23:20 - 2013-02-27 08:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-30 23:20 - 2013-02-27 07:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-30 23:20 - 2013-02-27 07:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-30 23:20 - 2013-02-27 07:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-30 23:20 - 2013-02-27 07:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-30 23:20 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-30 23:20 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-30 23:20 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-30 23:20 - 2013-01-04 07:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-05-30 23:20 - 2013-01-04 06:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-05-30 23:20 - 2013-01-04 04:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-05-30 23:20 - 2013-01-04 04:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-05-30 23:20 - 2013-01-04 04:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-05-30 23:20 - 2013-01-04 04:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-05-30 23:19 - 2013-01-03 08:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-30 23:19 - 2013-01-03 08:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-05-30 23:18 - 2013-05-30 23:17 - 00001115 ____A C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk
2013-05-30 23:18 - 2013-04-12 16:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-30 23:18 - 2013-04-10 05:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-30 23:18 - 2013-02-12 06:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-30 23:18 - 2012-11-23 05:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-05-30 23:17 - 2013-02-28 16:46 - 00064856 ____A (Kaspersky Lab) C:\Windows\System32\klfphc.dll
2013-05-30 23:17 - 2012-11-09 07:45 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-05-30 23:17 - 2012-11-09 06:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-05-30 23:16 - 2013-03-19 08:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-30 23:16 - 2013-03-19 07:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-05-30 23:16 - 2013-03-19 07:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-05-30 23:16 - 2013-03-19 07:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-05-30 23:16 - 2013-03-19 06:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-05-30 23:16 - 2013-03-19 05:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-05-30 23:14 - 2013-05-31 13:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-05-30 23:14 - 2013-05-30 23:14 - 00000000 ____D C:\Windows\ELAMBKUP
2013-05-30 23:14 - 2013-05-30 23:14 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-05-30 23:13 - 2013-05-31 00:20 - 00620128 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klif.sys
2013-05-30 23:13 - 2013-05-31 00:20 - 00090208 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klflt.sys
2013-05-30 23:09 - 2013-05-30 23:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2013-05-30 22:57 - 2013-05-30 22:57 - 00000000 ____D C:\ProgramData\WRData
2013-05-30 22:53 - 2013-05-30 22:53 - 00002209 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-05-30 22:53 - 2013-05-30 22:53 - 00002189 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-05-30 22:53 - 2013-01-28 14:19 - 00035104 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-05-30 22:53 - 2013-01-28 14:19 - 00026400 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-05-30 22:53 - 2013-01-28 14:19 - 00021792 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-05-30 22:52 - 2013-05-30 22:53 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-05-30 22:51 - 2013-05-30 22:52 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-30 22:46 - 2013-05-30 22:46 - 00000000 ____D C:\Program Files\Unlocker
2013-05-30 22:40 - 2013-05-31 00:54 - 00427192 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-30 22:40 - 2013-05-31 00:50 - 00681754 ____A C:\Windows\PFRO.log
2013-05-30 22:34 - 2013-05-30 22:34 - 00000727 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2013-05-30 22:33 - 2013-05-30 22:33 - 00222181 ____A C:\ProgramData\1369945946.bdinstall.bin
2013-05-30 22:17 - 2013-05-30 22:17 - 28211040 ____A (TuneUp Software) C:\Users\xxx\Downloads\TuneUpUtilities2013_3020de-DE.exe
2013-05-30 22:08 - 2013-05-30 23:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-30 22:07 - 2013-05-30 22:07 - 00481048 ____A C:\ProgramData\1369944087.bdinstall.bin
2013-05-30 22:06 - 2013-05-31 13:49 - 00000747 ____A C:\Windows\setupact.log
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____D C:\ProgramData\BDLogging
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____A C:\Windows\setuperr.log
2013-05-30 22:06 - 2007-04-11 11:11 - 00511328 ____A (Microsoft Corporation) C:\Windows\capicom.dll
2013-05-30 22:03 - 2013-05-30 22:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\QuickScan
2013-05-30 22:01 - 2013-05-30 22:40 - 00000000 ____D C:\Program Files\Bitdefender
2013-05-30 22:00 - 2013-05-30 22:00 - 00000116 ____A C:\Users\Public\Desktop\NortonIdentifySafe.url
2013-05-30 21:59 - 2013-05-30 22:33 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-05-30 21:58 - 2013-05-30 21:58 - 02451720 ____A C:\Users\xxx\Downloads\bitdefender_antivirus.exe
2013-05-30 21:55 - 2013-05-30 21:55 - 00111288 ____A C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 21:31 - 2013-05-30 22:40 - 00000000 ____D C:\ProgramData\Norton
2013-05-30 21:30 - 2013-05-30 21:30 - 00002359 ____A C:\AdwCleaner[R14].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002418 ____A C:\AdwCleaner[S7].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002357 ____A C:\AdwCleaner[R13].txt
2013-05-29 10:50 - 2013-05-29 20:50 - 00000000 ____D C:\Users\xxx\Desktop\hydrobotanik
2013-05-28 22:53 - 2013-05-28 22:53 - 00010770 ____A C:\AdwCleaner[S6].txt
2013-05-28 22:53 - 2013-05-28 22:53 - 00010722 ____A C:\AdwCleaner[R12].txt
2013-05-24 15:50 - 2013-05-24 15:50 - 00000000 ____D C:\Users\xxx\Desktop\pflanzenphysio
2013-05-22 20:07 - 2013-05-24 15:57 - 00000000 ____D C:\Users\xxx\Desktop\bk
2013-05-14 19:06 - 2013-05-14 19:10 - 273098621 ____A C:\Users\xxx\Downloads\Next.Door.German.2005.DVDRiP.XviD-FmE.avi
2013-05-14 19:03 - 2013-05-14 19:03 - 00000217 ____A C:\Users\Public\Desktop\Online Games.url
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-05-09 16:51 - 2013-05-11 17:17 - 00012353 ____A C:\Users\xxx\Desktop\Mappe1.xlsx
2013-05-08 22:12 - 2013-05-08 22:12 - 00000000 ____D C:\Users\xxx\Desktop\TOOL MAKROPHYTEN
2013-05-06 11:47 - 2013-05-06 11:48 - 20545161 ____A C:\Users\xxx\Desktop\Hammer_Bros-Sleep_Forever-EP-2010-GRAVEWISH.rar
2013-05-06 11:26 - 2013-05-06 11:27 - 15325230 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_ii_ep__2005_.rar
2013-05-06 11:26 - 2013-05-06 11:26 - 06841150 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_7____2004_.rar
2013-05-06 11:24 - 2013-05-06 11:26 - 19381669 ____A C:\Users\xxx\Desktop\We Do What We Want!.rar
2013-05-05 22:54 - 2013-05-31 12:12 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2013-05-05 22:54 - 2013-05-05 22:54 - 00001031 ____A C:\Users\Public\Desktop\foobar2000.lnk
2013-05-05 22:54 - 2013-05-05 22:54 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-05-05 18:29 - 2013-05-06 11:54 - 00000000 ____D C:\Users\xxx\Desktop\vitality
2013-05-05 18:24 - 2013-05-05 18:27 - 35539240 ____A C:\Users\xxx\Desktop\The Vitality.rar

==================== One Month Modified Files and Folders =======

2013-05-31 13:58 - 2013-05-31 13:58 - 00000623 ____A C:\Users\xxx\Desktop\JRT.txt
2013-05-31 13:57 - 2009-07-14 06:45 - 00017600 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-31 13:57 - 2009-07-14 06:45 - 00017600 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-31 13:55 - 2012-12-13 23:06 - 01814749 ____A C:\Windows\WindowsUpdate.log
2013-05-31 13:54 - 2012-12-13 05:32 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2013-05-31 13:53 - 2013-05-31 13:31 - 00000000 ____D C:\JRT
2013-05-31 13:52 - 2013-05-30 23:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-05-31 13:51 - 2012-12-13 15:29 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-31 13:49 - 2013-05-30 22:06 - 00000747 ____A C:\Windows\setupact.log
2013-05-31 13:49 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-31 13:48 - 2012-12-13 15:29 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-31 13:47 - 2013-05-31 13:47 - 00002780 ____A C:\AdwCleaner[S8].txt
2013-05-31 13:45 - 2013-05-31 13:45 - 00018295 ____A C:\Users\xxx\Downloads\Addition.txt
2013-05-31 13:44 - 2013-05-31 13:44 - 00000000 ____D C:\FRST
2013-05-31 13:43 - 2013-05-31 13:43 - 01915980 ____A (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2013-05-31 13:41 - 2013-05-31 13:41 - 00002742 ____A C:\AdwCleaner[R15].txt
2013-05-31 13:31 - 2013-05-31 13:31 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\xxx\Downloads\JRT.exe
2013-05-31 13:31 - 2013-05-31 13:31 - 00000000 ____D C:\Windows\ERUNT
2013-05-31 13:16 - 2012-12-14 04:35 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-31 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-05-31 12:18 - 2012-12-13 19:12 - 00000000 ____D C:\Users\xxx\AppData\Local\Windows Live
2013-05-31 12:17 - 2009-11-05 05:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-31 12:12 - 2013-05-05 22:54 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2013-05-31 11:52 - 2012-12-14 13:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-05-31 11:40 - 2009-07-27 22:41 - 00000000 ____D C:\Windows\Panther
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-31 11:18 - 2013-05-31 11:11 - 00007827 ____A C:\Windows\IE10_main.log
2013-05-31 11:15 - 2013-05-31 11:15 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 11:14 - 2013-05-31 11:14 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:08 - 2013-03-05 22:54 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Orbit
2013-05-31 11:08 - 2012-12-15 16:21 - 00000000 ____D C:\Users\xxx\AppData\Local\Adobe
2013-05-31 11:01 - 2012-12-13 05:31 - 00000000 ____D C:\ProgramData\Skype
2013-05-31 01:36 - 2013-01-04 22:28 - 00777350 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-31 01:36 - 2009-07-14 07:13 - 00777350 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-31 01:24 - 2009-07-14 04:34 - 00000510 ____A C:\Windows\win.ini
2013-05-31 01:12 - 2013-05-31 01:12 - 00061440 ____A C:\Windows\SysWOW64\Drivers\rfdzf.sys
2013-05-31 01:12 - 2013-05-31 01:12 - 00000050 ____A C:\mhtwlnht.txt
2013-05-31 00:54 - 2013-05-30 22:40 - 00427192 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-31 00:50 - 2013-05-30 22:40 - 00681754 ____A C:\Windows\PFRO.log
2013-05-31 00:50 - 2013-01-05 16:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-05-31 00:38 - 2013-05-31 00:18 - 00000000 ____D C:\3673823e69bbcab4d05efa266a2fb7
2013-05-31 00:22 - 2013-05-31 00:22 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Downloads\OTL.exe
2013-05-31 00:20 - 2013-05-30 23:13 - 00620128 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klif.sys
2013-05-31 00:20 - 2013-05-30 23:13 - 00090208 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klflt.sys
2013-05-31 00:20 - 2013-02-28 16:46 - 00055056 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kltdi.sys
2013-05-31 00:20 - 2012-08-13 16:49 - 00178448 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kneps.sys
2013-05-31 00:19 - 2012-12-13 05:31 - 00002517 ____A C:\Users\Public\Desktop\Skype.lnk
2013-05-30 23:55 - 2013-05-30 23:55 - 00061440 ____A C:\Windows\SysWOW64\Drivers\twhrx.sys
2013-05-30 23:55 - 2013-05-30 23:55 - 00000050 ____A C:\Program Files (x86)\cdgjx.txt
2013-05-30 23:50 - 2013-05-30 23:50 - 00000000 ____D C:\Users\xxx\Desktop\RK_Quarantine
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Opera
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Users\xxx\AppData\Local\Opera
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Program Files (x86)\Opera
2013-05-30 23:29 - 2013-05-30 22:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-30 23:26 - 2013-01-05 16:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-30 23:17 - 2013-05-30 23:18 - 00001115 ____A C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk
2013-05-30 23:14 - 2013-05-30 23:14 - 00000000 ____D C:\Windows\ELAMBKUP
2013-05-30 23:14 - 2013-05-30 23:14 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-05-30 23:09 - 2013-05-30 23:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2013-05-30 22:58 - 2012-12-14 13:36 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-05-30 22:58 - 2012-12-13 06:03 - 00000000 ____D C:\Users\xxx\AppData\Local\Microsoft Help
2013-05-30 22:57 - 2013-05-30 22:57 - 00000000 ____D C:\ProgramData\WRData
2013-05-30 22:53 - 2013-05-30 22:53 - 00002209 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-05-30 22:53 - 2013-05-30 22:53 - 00002189 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-05-30 22:53 - 2013-05-30 22:52 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-05-30 22:52 - 2013-05-30 22:51 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-30 22:46 - 2013-05-30 22:46 - 00000000 ____D C:\Program Files\Unlocker
2013-05-30 22:42 - 2013-01-08 19:23 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent
2013-05-30 22:40 - 2013-05-30 22:01 - 00000000 ____D C:\Program Files\Bitdefender
2013-05-30 22:40 - 2013-05-30 21:31 - 00000000 ____D C:\ProgramData\Norton
2013-05-30 22:34 - 2013-05-30 22:34 - 00000727 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2013-05-30 22:33 - 2013-05-30 22:33 - 00222181 ____A C:\ProgramData\1369945946.bdinstall.bin
2013-05-30 22:33 - 2013-05-30 21:59 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-05-30 22:17 - 2013-05-30 22:17 - 28211040 ____A (TuneUp Software) C:\Users\xxx\Downloads\TuneUpUtilities2013_3020de-DE.exe
2013-05-30 22:07 - 2013-05-30 22:07 - 00481048 ____A C:\ProgramData\1369944087.bdinstall.bin
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____D C:\ProgramData\BDLogging
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____A C:\Windows\setuperr.log
2013-05-30 22:03 - 2013-05-30 22:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\QuickScan
2013-05-30 22:00 - 2013-05-30 22:00 - 00000116 ____A C:\Users\Public\Desktop\NortonIdentifySafe.url
2013-05-30 21:58 - 2013-05-30 21:58 - 02451720 ____A C:\Users\xxx\Downloads\bitdefender_antivirus.exe
2013-05-30 21:56 - 2012-12-14 04:35 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-30 21:56 - 2012-12-14 04:35 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-30 21:55 - 2013-05-30 21:55 - 00111288 ____A C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 21:30 - 2013-05-30 21:30 - 00002359 ____A C:\AdwCleaner[R14].txt
2013-05-30 21:23 - 2013-03-19 19:21 - 00000000 ____D C:\Program Files (x86)\Tennis Elbow 2013
2013-05-29 22:09 - 2013-04-03 18:19 - 00000826 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-05-29 22:09 - 2013-04-03 18:19 - 00000000 ____D C:\Program Files\CCleaner
2013-05-29 22:08 - 2012-12-14 20:04 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-29 22:05 - 2013-05-29 22:05 - 00002418 ____A C:\AdwCleaner[S7].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002357 ____A C:\AdwCleaner[R13].txt
2013-05-29 22:05 - 2013-04-04 21:03 - 00632031 ____A C:\Users\xxx\Desktop\adwcleaner.exe
2013-05-29 21:34 - 2012-12-14 23:24 - 00280792 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-05-29 21:34 - 2012-12-14 23:19 - 00280792 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-05-29 21:18 - 2012-12-14 23:19 - 00281032 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-05-29 20:50 - 2013-05-29 10:50 - 00000000 ____D C:\Users\xxx\Desktop\hydrobotanik
2013-05-28 22:53 - 2013-05-28 22:53 - 00010770 ____A C:\AdwCleaner[S6].txt
2013-05-28 22:53 - 2013-05-28 22:53 - 00010722 ____A C:\AdwCleaner[R12].txt
2013-05-27 18:44 - 2013-03-19 19:21 - 00001085 ____A C:\Users\xxx\Desktop\Tennis Elbow 2013.lnk
2013-05-24 15:57 - 2013-05-22 20:07 - 00000000 ____D C:\Users\xxx\Desktop\bk
2013-05-24 15:50 - 2013-05-24 15:50 - 00000000 ____D C:\Users\xxx\Desktop\pflanzenphysio
2013-05-24 13:48 - 2013-03-07 15:00 - 00002187 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-05-21 15:10 - 2009-11-05 02:38 - 00000000 ____D C:\ProgramData\Adobe
2013-05-15 11:44 - 2012-12-14 15:49 - 00014022 ____A C:\Windows\wininit.ini
2013-05-14 20:56 - 2013-03-25 19:32 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2013-05-14 19:10 - 2013-05-14 19:06 - 273098621 ____A C:\Users\xxx\Downloads\Next.Door.German.2005.DVDRiP.XviD-FmE.avi
2013-05-14 19:03 - 2013-05-14 19:03 - 00000217 ____A C:\Users\Public\Desktop\Online Games.url
2013-05-13 10:58 - 2012-12-13 16:15 - 00000000 ____D C:\Windows\Minidump
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-05-11 17:17 - 2013-05-09 16:51 - 00012353 ____A C:\Users\xxx\Desktop\Mappe1.xlsx
2013-05-08 22:12 - 2013-05-08 22:12 - 00000000 ____D C:\Users\xxx\Desktop\TOOL MAKROPHYTEN
2013-05-07 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-05-06 11:54 - 2013-05-05 18:29 - 00000000 ____D C:\Users\xxx\Desktop\vitality
2013-05-06 11:48 - 2013-05-06 11:47 - 20545161 ____A C:\Users\xxx\Desktop\Hammer_Bros-Sleep_Forever-EP-2010-GRAVEWISH.rar
2013-05-06 11:27 - 2013-05-06 11:26 - 15325230 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_ii_ep__2005_.rar
2013-05-06 11:26 - 2013-05-06 11:26 - 06841150 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_7____2004_.rar
2013-05-06 11:26 - 2013-05-06 11:24 - 19381669 ____A C:\Users\xxx\Desktop\We Do What We Want!.rar
2013-05-05 22:54 - 2013-05-05 22:54 - 00001031 ____A C:\Users\Public\Desktop\foobar2000.lnk
2013-05-05 22:54 - 2013-05-05 22:54 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-05-05 18:27 - 2013-05-05 18:24 - 35539240 ____A C:\Users\xxx\Desktop\The Vitality.rar
2013-05-03 16:15 - 2012-12-13 19:04 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-02 02:06 - 2012-12-21 00:05 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

Other Malware:
===========
C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-24 00:42

==================== End Of Log ============================
         

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2013 01
Ran by xxx at 2013-05-31 14:04:39 Run:
Running from C:\Users\xxx\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (Version: 3.2.3.28705)
888poker
Acer Arcade Deluxe (Version: 3.0.7112)
Acer Backup Manager (Version: 2.0.0.29)
Acer Crystal Eye Webcam (Version: 5.2.9.3)
Acer ePower Management (Version: 4.05.3004)
Acer eRecovery Management (Version: 4.05.3005)
Acer GameZone Console (Version: 5.1.0.2)
Acer GridVista (Version: 3.01.0730)
Acer Registration (Version: 1.02.3006)
Acer ScreenSaver (Version: 1.1.2009.1217)
Acer Updater (Version: 1.01.3017)
Acer VCM (Version: 4.05.3000)
Acrobat.com (Version: 1.6.65)
Acunetix Web Vulnerability Scanner 8.0 (Version: 8.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
Adware . Casino Client Removal Tool (Version: 1.0)
Alcor Micro USB Card Reader (Version: 1.4.17.35005)
Alice Greenfingers
Amazonia
ATI Catalyst Install Manager (Version: 3.0.754.0)
AutoHotkey 1.1.09.00 (Version: 1.1.09.00)
Backup Manager Basic (Version: 2.0.0.29)
BMW M3 Challenge (Version: BMW M3 Challenge v1.0.0.0)
Broadcom Gigabit NetLink Controller (Version: 12.33.03)
Canon MG5100 series MP Drivers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full Existing (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full New (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Light (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Previews Vista (Version: 2009.1209.2335.42329)
Catalyst Control Center InstallProxy (Version: 2009.1209.2335.42329)
Catalyst Control Center Localization All (Version: 2009.1209.2335.42329)
CCC Help Chinese Standard (Version: 2009.1209.2334.42329)
CCC Help Chinese Traditional (Version: 2009.1209.2334.42329)
CCC Help Czech (Version: 2009.1209.2334.42329)
CCC Help Danish (Version: 2009.1209.2334.42329)
CCC Help Dutch (Version: 2009.1209.2334.42329)
CCC Help English (Version: 2009.1209.2334.42329)
CCC Help Finnish (Version: 2009.1209.2334.42329)
CCC Help French (Version: 2009.1209.2334.42329)
CCC Help German (Version: 2009.1209.2334.42329)
CCC Help Greek (Version: 2009.1209.2334.42329)
CCC Help Hungarian (Version: 2009.1209.2334.42329)
CCC Help Italian (Version: 2009.1209.2334.42329)
CCC Help Japanese (Version: 2009.1209.2334.42329)
CCC Help Korean (Version: 2009.1209.2334.42329)
CCC Help Norwegian (Version: 2009.1209.2334.42329)
CCC Help Polish (Version: 2009.1209.2334.42329)
CCC Help Portuguese (Version: 2009.1209.2334.42329)
CCC Help Russian (Version: 2009.1209.2334.42329)
CCC Help Spanish (Version: 2009.1209.2334.42329)
CCC Help Swedish (Version: 2009.1209.2334.42329)
CCC Help Thai (Version: 2009.1209.2334.42329)
CCC Help Turkish (Version: 2009.1209.2334.42329)
ccc-core-static (Version: 2009.1209.2335.42329)
ccc-utility64 (Version: 2009.1209.2335.42329)
CCleaner (Version: 4.02)
Cerberus FTP Server (Version: 5.0.64)
Chicken Invaders 2
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dairy Dash
DbMAP 3D Flyer Plugin  v.2.1.7r2 (Version: 2.1.7r2)
Dream Day First Home
eBay Worldwide (Version: 2.1.0901)
eMule (Version: 0.50a)
eSobi v2 (Version: 2.0.4.000274)
Farm Frenzy 2
First Class Flurry
foobar2000 v1.2.6 (Version: 1.2.6)
Fotogalerie (Version: 16.4.3505.0912)
Free Alarm Clock 2.7.0 (Version: 2.7)
Game Booster 3 (Version: 3.4)
GameBoost (Version: 1.1.14.2013)
Google Chrome (Version: 27.0.1453.94)
Google Earth (Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
Granny In Paradise
Heroes of Hellas
Identity Card (Version: 1.00.3003)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Intel(R) Turbo Boost Technology Driver (Version: 01.00.01.1002)
Intel® Matrix Storage Manager
JDownloader Packages
Junk Mail filter update (Version: 16.4.3505.0912)
Kaspersky Anti-Virus 2013 (Version: 13.0.1.4190)
KeyTweak - Keyboard Remapper (remove only)
Launch Manager (Version: 3.0.05)
Merriam Websters Spell Jam
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Keyboard Layout Creator 1.4 (Version: 1.4.6000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (Version: 12.0.6612.1000)
Microsoft Office O MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office X MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MiPony 2.0.2 (Version: 2.0.2)
Mipony Download Manager Packages
Movie Maker (Version: 16.4.3505.0912)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.76.0)
Norton Online Backup (Version: 1.2.0.36)
Nsauditor 2.5.9
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6623)
Orbit Downloader
Photo Gallery (Version: 16.4.3505.0912)
Poker
Poker 770
PunkBuster Services (Version: 0.992)
Realtek High Definition Audio Driver (Version: 6.0.1.5969)
Red Orchestra 2: Heroes of Stalingrad
SecurityKISS Tunnel v0.3.0
SharpKeys (Version: 3.5.0000)
Skype™ 6.3 (Version: 6.3.107)
SmartFTP Client (Version: 4.1.1313.0)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
Teleport Pro (Version: 1.68)
Tennis Elbow 2013 1.0a (Version: 1.0a)
Titan Poker
TuneUp Utilities 2013 (Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6)
Unlocker 1.9.2 (Version: 1.9.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.5 (Version: 2.0.5)
Welcome Center (Version: 1.00.3008)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Winner Poker
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

30-05-2013 23:21:52 Windows Update
31-05-2013 09:11:06 Windows Update
31-05-2013 10:02:38 Windows Defender Checkpoint
31-05-2013 10:12:30 Windows Update

==================== Hosts content: ==========================


127.0.0.1 www.SMARTTERRA.EU
127.0.0.1       localhost
127.0.0.1 order.tune-up.com
127.0.0.1 tune-up.com
127.0.0.1 tune-up.com/order
127.0.0.1 registertuneup.com
127.0.0.1 download.tune-up.de
127.0.0.1 download.tune-up.com
127.0.0.1 secure.tune-up.com
127.0.0.1 localhost
127.0.0.1 tuneup.de
127.0.0.1 swi.tune-up.com
127.0.0.1 SMARTTERRA.EU
127.0.0.1 www.order.tune-up.com
127.0.0.1 www.tune-up.com
127.0.0.1 www.tune-up.com/order
127.0.0.1 www.registertuneup.com
127.0.0.1 www.download.tune-up.de
127.0.0.1 hxxp://www.download.tune-up.com...une-up.com
127.0.0.1 www.secure.tune-up.com

There are more than 3 lines starting with "127.0.0.1"


==================== Faulty Device Manager Devices =============

Name: Video WebCam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-05-31 02:29:53.650
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.648
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.646
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.627
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.625
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.622
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-04 22:01:29.498
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-04 22:01:29.447
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 3956.5 MB
Available physical RAM: 2355.25 MB
Total Pagefile: 7911.18 MB
Available Pagefile: 5979.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:463.16 GB) (Free:388.95 GB) NTFS (Disk=0 Partition=3) ==>[Drive with boot components (obtained from BCD)]
Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS (Disk=0 Partition=2)
Drive f: () (Removable) (Total:0.48 GB) (Free:0.47 GB) FAT (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: F86FF86F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=463 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 GB) - (Type=05)

========================================================
Disk: 1 (Size: 489 MB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=488 MB) - (Type=06)

==================== End Of Log ============================
         


31.05.2013, 13:13   #6
schrauber
/// the machine
/// TB Trainer

Quote:
ProxyServer: 193.17.184.49:3128
Did you set that proxy?

ESET Online Scanner
Please switch on any external hard drives you have during the online scans! Please turn off all background guards (anti-virus program, firewall, script blocking and the like) during the scans, and don't forget to turn everything back on afterwards.
  • Note for Vista and Win7 users: be sure to start the browser as administrator.
  • Disable your anti-virus program during the scan.

    Press the button (<< click).
    • Firefox users:
      Please download esetsmartinstaller_enu.exe. Save the Firefox add-on to the desktop and then install it.
    • IE users:
      must allow the installation of an ActiveX element.
  • Tick the box at Yes, I accept the Terms of Use.
  • Press the button.
  • Wait until the components have been downloaded.
  • Tick "Scan archives".
  • Make sure that Remove Found Threats is not ticked.
  • Press .
  • The signatures are downloaded. The scan starts automatically.
When the scan has finished
  • Click .
  • Click and save the log file as ESET.txt on the desktop.
  • Click Back and Finish
Please post the log file here.

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post the contents here.

31.05.2013, 13:19   #7
holzdan

Hello, I can't tell you that offhand ... the port number does seem very familiar to me, though. I have something in the back of my mind but don't remember exactly. I've had the system running for quite a long time now without reformatting it, and at times I experiment a lot with my system. In any case, removing this proxy would have no negative effects now.
What kind of proxy is that? For browsing?

31.05.2013, 13:21   #8
schrauber
/// the machine
/// TB Trainer

OK, go ahead and do the rest.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

31.05.2013, 13:27   #9
holzdan

Oh, I think I know now what's going on with the proxy.
I once had a tool on the PC to set up a proxy connection to Poland, and the proxy is Polish, I just checked... I needed a Polish IP to activate the old Red Orchestra via Steam, because with the key offered, activating it only worked via Polish servers... Now I could actually remove the entry, though. Where do I do that?

31.05.2013, 13:28   #10
schrauber
/// the machine
/// TB Trainer

I'll do that later.

31.05.2013, 13:31   #11
holzdan

Aha, OK, that was set that way in the Internet settings under the system settings, but it isn't enabled anyway, so..

31.05.2013, 14:06   #12
schrauber
/// the machine
/// TB Trainer

All right.

31.05.2013, 15:04   #13
holzdan

The ESET scan seems to be taking quite a long time .. it has been running for almost 2 hours now and still hasn't reached the halfway point.
But I think it won't find anything anyway.
Can't I run the security check at the same time?

UNSUPPORTED OPERATING SYSTEM! ABORTED!


says the security check

31.05.2013, 15:42   #14
schrauber
/// the machine
/// TB trainer

All right. When ESET is done, please also post a fresh scan log file with FRST.

31.05.2013, 16:12   #15
holzdan

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2013 01
Ran by xxx (administrator) on 31-05-2013 17:10:11
Running from C:\Users\xxx\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\xxx\Desktop\remapper\KeyRemapper.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Microsoft Corporation) C:\Windows\system32\osk.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe
(Microsoft Corporation) C:\Windows\system32\mmc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [KeyMapperStarup] C:\Users\xxx\Desktop\remapper\KeyRemapper.exe  /background [155648 2010-11-30] ()
HKCU\...\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun [1328976 2012-04-25] (Comfort Software Group)
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-11-05] (Google Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
HKCU\...\Runonce: [DeleteGrabPro] rundll32.exe advpack.dll,DelNodeRunDLL32 "C:\Program Files (x86)\Orbitdownloader\GrabPro.dll" [x]
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2009-12-16] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2009-12-16] ()

==================== Internet (Whitelisted) ====================

ProxyServer: 193.17.184.49:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=443540607&ir=
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=foxtab&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBzztC0FyB0F0C0EtC0E0ByEtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=443540607&ir=
SearchScopes: HKCU - {621051FE-C129-2873-AF1E-0F657515E40B} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\zztp6u1e.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: geomind.it/DbMap3dFlyer - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)

Chrome: 
=======
CHR DefaultSearchURL: (Delta Search) - hxxp://www.delta-search.com/?q={searchTerms}&affID=122471&tt=gc_&babsrc=SP_ss&mntrId=86D900FF781F7FCE
CHR DefaultSuggestURL: (Delta Search) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DbMap3dFlyer) - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
CHR Extension: (Kaspersky URL Advisor) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: (Socksharedownloader) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.0_0

==================== Services (Whitelisted) =================

R2 AcuWVSSchedulerv8; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [1004216 2012-12-13] ()
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-12-16] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S0 bibk; system32\drivers\twhrx.sys [x]
S0 flizp; system32\drivers\rfdzf.sys [x]
R4 kl1; system32\DRIVERS\kl1.sys [x]
R4 KLIF; system32\DRIVERS\klif.sys [x]
R4 klkbdflt; system32\DRIVERS\klkbdflt.sys [x]
R4 klmouflt; system32\DRIVERS\klmouflt.sys [x]
R4 kltdi; system32\DRIVERS\kltdi.sys [x]
R4 kneps; system32\DRIVERS\kneps.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-31 16:31 - 2012-10-31 20:21 - 01987072 ____A C:\Users\xxx\Desktop\keygen.exe
2013-05-31 16:29 - 2013-05-31 16:29 - 05280392 ____A (hxxp://www.goforfiles.com/) C:\Users\xxx\Downloads\TuneUp.Utilities.2013-Keygen-TEAM-REPT_downloader_at_53.exe
2013-05-31 16:29 - 2013-05-31 16:29 - 00839152 ____A C:\Users\xxx\Downloads\TuneUp.Utilities.2013-kg-REPT.rar
2013-05-31 16:06 - 2013-05-31 16:06 - 00890839 ____A C:\Users\xxx\Downloads\SecurityCheck (1).exe
2013-05-31 14:41 - 2013-05-31 14:42 - 00890839 ____A C:\Users\xxx\Downloads\SecurityCheck.exe
2013-05-31 14:22 - 2013-05-31 14:22 - 02347384 ____A (ESET) C:\Users\xxx\Downloads\esetsmartinstaller_enu.exe
2013-05-31 14:22 - 2013-05-31 14:22 - 00000000 ____D C:\Program Files (x86)\ESET
2013-05-31 13:58 - 2013-05-31 13:58 - 00000623 ____A C:\Users\xxx\Desktop\JRT.txt
2013-05-31 13:47 - 2013-05-31 13:47 - 00002780 ____A C:\AdwCleaner[S8].txt
2013-05-31 13:45 - 2013-05-31 14:04 - 00018294 ____A C:\Users\xxx\Downloads\Addition.txt
2013-05-31 13:44 - 2013-05-31 13:44 - 00000000 ____D C:\FRST
2013-05-31 13:43 - 2013-05-31 13:43 - 01915980 ____A (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2013-05-31 13:41 - 2013-05-31 13:41 - 00002742 ____A C:\AdwCleaner[R15].txt
2013-05-31 13:31 - 2013-05-31 13:53 - 00000000 ____D C:\JRT
2013-05-31 13:31 - 2013-05-31 13:31 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\xxx\Downloads\JRT.exe
2013-05-31 13:31 - 2013-05-31 13:31 - 00000000 ____D C:\Windows\ERUNT
2013-05-31 12:12 - 2013-03-19 07:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-31 12:12 - 2013-03-19 07:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-31 12:12 - 2012-11-22 07:44 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-05-31 12:12 - 2012-11-22 06:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-05-31 12:11 - 2012-12-07 15:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-05-31 12:11 - 2012-12-07 15:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-05-31 12:11 - 2012-12-07 14:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-05-31 12:11 - 2012-12-07 14:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-05-31 12:11 - 2012-12-07 13:20 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-05-31 12:11 - 2012-12-07 13:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-05-31 12:11 - 2012-12-07 13:19 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-05-31 12:11 - 2012-12-07 12:46 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-05-31 12:10 - 2012-11-30 07:45 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-05-31 12:10 - 2012-11-30 07:45 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-05-31 12:10 - 2012-11-30 07:45 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-05-31 12:10 - 2012-11-30 07:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-05-31 12:10 - 2012-11-30 07:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-31 12:10 - 2012-11-30 07:41 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 07:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:53 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-05-31 12:10 - 2012-11-30 06:53 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 06:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 05:23 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-31 12:10 - 2012-11-30 04:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 04:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 04:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 04:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-05-31 12:10 - 2012-11-30 01:17 - 00420064 ____A C:\Windows\SysWOW64\locale.nls
2013-05-31 12:10 - 2012-11-30 01:15 - 00420064 ____A C:\Windows\System32\locale.nls
2013-05-31 12:06 - 2013-01-24 08:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-05-31 11:15 - 2013-05-31 11:15 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 11:14 - 2013-05-31 11:14 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:11 - 2013-05-31 11:18 - 00007827 ____A C:\Windows\IE10_main.log
2013-05-31 01:12 - 2013-05-31 01:12 - 00061440 ____A C:\Windows\SysWOW64\Drivers\rfdzf.sys
2013-05-31 01:12 - 2013-05-31 01:12 - 00000050 ____A C:\mhtwlnht.txt
2013-05-31 00:22 - 2013-05-31 00:22 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Downloads\OTL.exe
2013-05-31 00:18 - 2013-05-31 00:38 - 00000000 ____D C:\3673823e69bbcab4d05efa266a2fb7
2013-05-30 23:55 - 2013-05-30 23:55 - 00061440 ____A C:\Windows\SysWOW64\Drivers\twhrx.sys
2013-05-30 23:55 - 2013-05-30 23:55 - 00000050 ____A C:\Program Files (x86)\cdgjx.txt
2013-05-30 23:50 - 2013-05-30 23:50 - 00000000 ____D C:\Users\xxx\Desktop\RK_Quarantine
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-30 23:22 - 2013-04-10 08:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-30 23:22 - 2013-04-10 08:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-30 23:22 - 2012-11-20 07:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-05-30 23:22 - 2012-11-20 06:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-05-30 23:22 - 2012-11-01 07:43 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-05-30 23:22 - 2012-11-01 07:43 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-05-30 23:22 - 2012-11-01 06:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-05-30 23:22 - 2012-11-01 06:47 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-05-30 23:22 - 2011-02-03 13:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-30 23:20 - 2013-02-27 08:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-30 23:20 - 2013-02-27 07:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-30 23:20 - 2013-02-27 07:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-30 23:20 - 2013-02-27 07:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-30 23:20 - 2013-02-27 07:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-30 23:20 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-30 23:20 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-30 23:20 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-30 23:20 - 2013-01-04 07:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-05-30 23:20 - 2013-01-04 06:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-05-30 23:20 - 2013-01-04 04:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-05-30 23:20 - 2013-01-04 04:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-05-30 23:20 - 2013-01-04 04:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-05-30 23:20 - 2013-01-04 04:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-05-30 23:19 - 2013-01-03 08:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-30 23:19 - 2013-01-03 08:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-05-30 23:18 - 2013-04-12 16:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-30 23:18 - 2013-04-10 05:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-30 23:18 - 2013-02-12 06:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-30 23:18 - 2012-11-23 05:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-05-30 23:17 - 2012-11-09 07:45 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-05-30 23:17 - 2012-11-09 06:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-05-30 23:16 - 2013-03-19 08:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-30 23:16 - 2013-03-19 07:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-05-30 23:16 - 2013-03-19 07:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-05-30 23:16 - 2013-03-19 07:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-05-30 23:16 - 2013-03-19 06:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-05-30 23:16 - 2013-03-19 05:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-05-30 23:09 - 2013-05-30 23:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2013-05-30 22:57 - 2013-05-30 22:57 - 00000000 ____D C:\ProgramData\WRData
2013-05-30 22:53 - 2013-05-30 22:53 - 00002209 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-05-30 22:53 - 2013-05-30 22:53 - 00002189 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-05-30 22:53 - 2013-01-28 14:19 - 00035104 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-05-30 22:53 - 2013-01-28 14:19 - 00026400 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-05-30 22:53 - 2013-01-28 14:19 - 00021792 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-05-30 22:52 - 2013-05-31 16:37 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-05-30 22:51 - 2013-05-30 22:52 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-30 22:46 - 2013-05-30 22:46 - 00000000 ____D C:\Program Files\Unlocker
2013-05-30 22:40 - 2013-05-31 00:54 - 00427192 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-30 22:40 - 2013-05-31 00:50 - 00681754 ____A C:\Windows\PFRO.log
2013-05-30 22:34 - 2013-05-30 22:34 - 00000727 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2013-05-30 22:33 - 2013-05-30 22:33 - 00222181 ____A C:\ProgramData\1369945946.bdinstall.bin
2013-05-30 22:17 - 2013-05-30 22:17 - 28211040 ____A (TuneUp Software) C:\Users\xxx\Downloads\TuneUpUtilities2013_3020de-DE.exe
2013-05-30 22:08 - 2013-05-30 23:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-30 22:07 - 2013-05-30 22:07 - 00481048 ____A C:\ProgramData\1369944087.bdinstall.bin
2013-05-30 22:06 - 2013-05-31 13:49 - 00000747 ____A C:\Windows\setupact.log
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____D C:\ProgramData\BDLogging
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____A C:\Windows\setuperr.log
2013-05-30 22:06 - 2007-04-11 11:11 - 00511328 ____A (Microsoft Corporation) C:\Windows\capicom.dll
2013-05-30 22:03 - 2013-05-30 22:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\QuickScan
2013-05-30 22:01 - 2013-05-30 22:40 - 00000000 ____D C:\Program Files\Bitdefender
2013-05-30 22:00 - 2013-05-30 22:00 - 00000116 ____A C:\Users\Public\Desktop\NortonIdentifySafe.url
2013-05-30 21:59 - 2013-05-30 22:33 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-05-30 21:58 - 2013-05-30 21:58 - 02451720 ____A C:\Users\xxx\Downloads\bitdefender_antivirus.exe
2013-05-30 21:55 - 2013-05-30 21:55 - 00111288 ____A C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 21:31 - 2013-05-30 22:40 - 00000000 ____D C:\ProgramData\Norton
2013-05-30 21:30 - 2013-05-30 21:30 - 00002359 ____A C:\AdwCleaner[R14].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002418 ____A C:\AdwCleaner[S7].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002357 ____A C:\AdwCleaner[R13].txt
2013-05-29 10:50 - 2013-05-29 20:50 - 00000000 ____D C:\Users\xxx\Desktop\hydrobotanik
2013-05-28 22:53 - 2013-05-28 22:53 - 00010770 ____A C:\AdwCleaner[S6].txt
2013-05-28 22:53 - 2013-05-28 22:53 - 00010722 ____A C:\AdwCleaner[R12].txt
2013-05-24 15:50 - 2013-05-24 15:50 - 00000000 ____D C:\Users\xxx\Desktop\pflanzenphysio
2013-05-22 20:07 - 2013-05-24 15:57 - 00000000 ____D C:\Users\xxx\Desktop\bk
2013-05-14 19:06 - 2013-05-14 19:10 - 273098621 ____A C:\Users\xxx\Downloads\Next.Door.German.2005.DVDRiP.XviD-FmE.avi
2013-05-14 19:03 - 2013-05-14 19:03 - 00000217 ____A C:\Users\Public\Desktop\Online Games.url
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-05-09 16:51 - 2013-05-11 17:17 - 00012353 ____A C:\Users\xxx\Desktop\Mappe1.xlsx
2013-05-08 22:12 - 2013-05-08 22:12 - 00000000 ____D C:\Users\xxx\Desktop\TOOL MAKROPHYTEN
2013-05-06 11:47 - 2013-05-06 11:48 - 20545161 ____A C:\Users\xxx\Desktop\Hammer_Bros-Sleep_Forever-EP-2010-GRAVEWISH.rar
2013-05-06 11:26 - 2013-05-06 11:27 - 15325230 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_ii_ep__2005_.rar
2013-05-06 11:26 - 2013-05-06 11:26 - 06841150 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_7____2004_.rar
2013-05-06 11:24 - 2013-05-06 11:26 - 19381669 ____A C:\Users\xxx\Desktop\We Do What We Want!.rar
2013-05-05 22:54 - 2013-05-31 12:12 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2013-05-05 22:54 - 2013-05-05 22:54 - 00001031 ____A C:\Users\Public\Desktop\foobar2000.lnk
2013-05-05 22:54 - 2013-05-05 22:54 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-05-05 18:29 - 2013-05-06 11:54 - 00000000 ____D C:\Users\xxx\Desktop\vitality
2013-05-05 18:24 - 2013-05-05 18:27 - 35539240 ____A C:\Users\xxx\Desktop\The Vitality.rar

==================== One Month Modified Files and Folders =======

2013-05-31 17:07 - 2012-12-13 05:32 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2013-05-31 16:48 - 2012-12-13 15:29 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-31 16:37 - 2013-05-30 22:52 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-05-31 16:35 - 2013-03-05 22:54 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Orbit
2013-05-31 16:29 - 2013-05-31 16:29 - 05280392 ____A (hxxp://www.goforfiles.com/) C:\Users\xxx\Downloads\TuneUp.Utilities.2013-Keygen-TEAM-REPT_downloader_at_53.exe
2013-05-31 16:29 - 2013-05-31 16:29 - 00839152 ____A C:\Users\xxx\Downloads\TuneUp.Utilities.2013-kg-REPT.rar
2013-05-31 16:16 - 2012-12-14 04:35 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-31 16:06 - 2013-05-31 16:06 - 00890839 ____A C:\Users\xxx\Downloads\SecurityCheck (1).exe
2013-05-31 15:55 - 2013-03-19 19:21 - 00000000 ____D C:\Program Files (x86)\Tennis Elbow 2013
2013-05-31 14:42 - 2013-05-31 14:41 - 00890839 ____A C:\Users\xxx\Downloads\SecurityCheck.exe
2013-05-31 14:35 - 2009-07-14 06:45 - 00017600 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-31 14:35 - 2009-07-14 06:45 - 00017600 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-31 14:22 - 2013-05-31 14:22 - 02347384 ____A (ESET) C:\Users\xxx\Downloads\esetsmartinstaller_enu.exe
2013-05-31 14:22 - 2013-05-31 14:22 - 00000000 ____D C:\Program Files (x86)\ESET
2013-05-31 14:04 - 2013-05-31 13:45 - 00018294 ____A C:\Users\xxx\Downloads\Addition.txt
2013-05-31 13:58 - 2013-05-31 13:58 - 00000623 ____A C:\Users\xxx\Desktop\JRT.txt
2013-05-31 13:55 - 2012-12-13 23:06 - 01814749 ____A C:\Windows\WindowsUpdate.log
2013-05-31 13:53 - 2013-05-31 13:31 - 00000000 ____D C:\JRT
2013-05-31 13:51 - 2012-12-13 15:29 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-31 13:49 - 2013-05-30 22:06 - 00000747 ____A C:\Windows\setupact.log
2013-05-31 13:49 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-31 13:47 - 2013-05-31 13:47 - 00002780 ____A C:\AdwCleaner[S8].txt
2013-05-31 13:44 - 2013-05-31 13:44 - 00000000 ____D C:\FRST
2013-05-31 13:43 - 2013-05-31 13:43 - 01915980 ____A (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2013-05-31 13:41 - 2013-05-31 13:41 - 00002742 ____A C:\AdwCleaner[R15].txt
2013-05-31 13:31 - 2013-05-31 13:31 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\xxx\Downloads\JRT.exe
2013-05-31 13:31 - 2013-05-31 13:31 - 00000000 ____D C:\Windows\ERUNT
2013-05-31 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-05-31 12:18 - 2012-12-13 19:12 - 00000000 ____D C:\Users\xxx\AppData\Local\Windows Live
2013-05-31 12:17 - 2009-11-05 05:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-31 12:12 - 2013-05-05 22:54 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000
2013-05-31 11:52 - 2012-12-14 13:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-05-31 11:40 - 2009-07-27 22:41 - 00000000 ____D C:\Windows\Panther
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-31 11:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-31 11:18 - 2013-05-31 11:11 - 00007827 ____A C:\Windows\IE10_main.log
2013-05-31 11:15 - 2013-05-31 11:15 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-31 11:15 - 2013-05-31 11:15 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 11:15 - 2013-05-31 11:15 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 11:15 - 2013-05-31 11:15 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 11:15 - 2013-05-31 11:15 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 11:15 - 2013-05-31 11:15 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 11:15 - 2013-05-31 11:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 11:14 - 2013-05-31 11:14 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:14 - 2013-05-31 11:14 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 11:08 - 2012-12-15 16:21 - 00000000 ____D C:\Users\xxx\AppData\Local\Adobe
2013-05-31 11:01 - 2012-12-13 05:31 - 00000000 ____D C:\ProgramData\Skype
2013-05-31 01:36 - 2013-01-04 22:28 - 00777350 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-31 01:36 - 2009-07-14 07:13 - 00777350 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-31 01:24 - 2009-07-14 04:34 - 00000510 ____A C:\Windows\win.ini
2013-05-31 01:12 - 2013-05-31 01:12 - 00061440 ____A C:\Windows\SysWOW64\Drivers\rfdzf.sys
2013-05-31 01:12 - 2013-05-31 01:12 - 00000050 ____A C:\mhtwlnht.txt
2013-05-31 00:54 - 2013-05-30 22:40 - 00427192 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-31 00:50 - 2013-05-30 22:40 - 00681754 ____A C:\Windows\PFRO.log
2013-05-31 00:50 - 2013-01-05 16:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-05-31 00:38 - 2013-05-31 00:18 - 00000000 ____D C:\3673823e69bbcab4d05efa266a2fb7
2013-05-31 00:22 - 2013-05-31 00:22 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Downloads\OTL.exe
2013-05-31 00:19 - 2012-12-13 05:31 - 00002517 ____A C:\Users\Public\Desktop\Skype.lnk
2013-05-30 23:55 - 2013-05-30 23:55 - 00061440 ____A C:\Windows\SysWOW64\Drivers\twhrx.sys
2013-05-30 23:55 - 2013-05-30 23:55 - 00000050 ____A C:\Program Files (x86)\cdgjx.txt
2013-05-30 23:50 - 2013-05-30 23:50 - 00000000 ____D C:\Users\xxx\Desktop\RK_Quarantine
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-05-30 23:32 - 2013-05-30 23:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Opera
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Users\xxx\AppData\Local\Opera
2013-05-30 23:31 - 2012-12-14 22:51 - 00000000 ____D C:\Program Files (x86)\Opera
2013-05-30 23:29 - 2013-05-30 22:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-30 23:26 - 2013-01-05 16:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-30 23:09 - 2013-05-30 23:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2013-05-30 22:58 - 2012-12-14 13:36 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-05-30 22:58 - 2012-12-13 06:03 - 00000000 ____D C:\Users\xxx\AppData\Local\Microsoft Help
2013-05-30 22:57 - 2013-05-30 22:57 - 00000000 ____D C:\ProgramData\WRData
2013-05-30 22:53 - 2013-05-30 22:53 - 00002209 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-05-30 22:53 - 2013-05-30 22:53 - 00002189 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-05-30 22:52 - 2013-05-30 22:51 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-30 22:46 - 2013-05-30 22:46 - 00000000 ____D C:\Program Files\Unlocker
2013-05-30 22:42 - 2013-01-08 19:23 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent
2013-05-30 22:40 - 2013-05-30 22:01 - 00000000 ____D C:\Program Files\Bitdefender
2013-05-30 22:40 - 2013-05-30 21:31 - 00000000 ____D C:\ProgramData\Norton
2013-05-30 22:34 - 2013-05-30 22:34 - 00000727 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2013-05-30 22:33 - 2013-05-30 22:33 - 00222181 ____A C:\ProgramData\1369945946.bdinstall.bin
2013-05-30 22:33 - 2013-05-30 21:59 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-05-30 22:17 - 2013-05-30 22:17 - 28211040 ____A (TuneUp Software) C:\Users\xxx\Downloads\TuneUpUtilities2013_3020de-DE.exe
2013-05-30 22:07 - 2013-05-30 22:07 - 00481048 ____A C:\ProgramData\1369944087.bdinstall.bin
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____D C:\ProgramData\BDLogging
2013-05-30 22:06 - 2013-05-30 22:06 - 00000000 ____A C:\Windows\setuperr.log
2013-05-30 22:03 - 2013-05-30 22:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\QuickScan
2013-05-30 22:00 - 2013-05-30 22:00 - 00000116 ____A C:\Users\Public\Desktop\NortonIdentifySafe.url
2013-05-30 21:58 - 2013-05-30 21:58 - 02451720 ____A C:\Users\xxx\Downloads\bitdefender_antivirus.exe
2013-05-30 21:56 - 2012-12-14 04:35 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-30 21:56 - 2012-12-14 04:35 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-30 21:55 - 2013-05-30 21:55 - 00111288 ____A C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 21:30 - 2013-05-30 21:30 - 00002359 ____A C:\AdwCleaner[R14].txt
2013-05-29 22:09 - 2013-04-03 18:19 - 00000826 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-05-29 22:09 - 2013-04-03 18:19 - 00000000 ____D C:\Program Files\CCleaner
2013-05-29 22:08 - 2012-12-14 20:04 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-29 22:05 - 2013-05-29 22:05 - 00002418 ____A C:\AdwCleaner[S7].txt
2013-05-29 22:05 - 2013-05-29 22:05 - 00002357 ____A C:\AdwCleaner[R13].txt
2013-05-29 22:05 - 2013-04-04 21:03 - 00632031 ____A C:\Users\xxx\Desktop\adwcleaner.exe
2013-05-29 21:34 - 2012-12-14 23:24 - 00280792 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-05-29 21:34 - 2012-12-14 23:19 - 00280792 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-05-29 21:18 - 2012-12-14 23:19 - 00281032 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-05-29 20:50 - 2013-05-29 10:50 - 00000000 ____D C:\Users\xxx\Desktop\hydrobotanik
2013-05-28 22:53 - 2013-05-28 22:53 - 00010770 ____A C:\AdwCleaner[S6].txt
2013-05-28 22:53 - 2013-05-28 22:53 - 00010722 ____A C:\AdwCleaner[R12].txt
2013-05-27 18:44 - 2013-03-19 19:21 - 00001085 ____A C:\Users\xxx\Desktop\Tennis Elbow 2013.lnk
2013-05-24 15:57 - 2013-05-22 20:07 - 00000000 ____D C:\Users\xxx\Desktop\bk
2013-05-24 15:50 - 2013-05-24 15:50 - 00000000 ____D C:\Users\xxx\Desktop\pflanzenphysio
2013-05-24 13:48 - 2013-03-07 15:00 - 00002187 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-05-21 15:10 - 2009-11-05 02:38 - 00000000 ____D C:\ProgramData\Adobe
2013-05-15 11:44 - 2012-12-14 15:49 - 00014022 ____A C:\Windows\wininit.ini
2013-05-14 20:56 - 2013-03-25 19:32 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2013-05-14 19:10 - 2013-05-14 19:06 - 273098621 ____A C:\Users\xxx\Downloads\Next.Door.German.2005.DVDRiP.XviD-FmE.avi
2013-05-14 19:03 - 2013-05-14 19:03 - 00000217 ____A C:\Users\Public\Desktop\Online Games.url
2013-05-13 10:58 - 2012-12-13 16:15 - 00000000 ____D C:\Windows\Minidump
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-05-11 17:19 - 2013-05-11 17:19 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-05-11 17:17 - 2013-05-09 16:51 - 00012353 ____A C:\Users\xxx\Desktop\Mappe1.xlsx
2013-05-08 22:12 - 2013-05-08 22:12 - 00000000 ____D C:\Users\xxx\Desktop\TOOL MAKROPHYTEN
2013-05-07 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-05-06 11:54 - 2013-05-05 18:29 - 00000000 ____D C:\Users\xxx\Desktop\vitality
2013-05-06 11:48 - 2013-05-06 11:47 - 20545161 ____A C:\Users\xxx\Desktop\Hammer_Bros-Sleep_Forever-EP-2010-GRAVEWISH.rar
2013-05-06 11:27 - 2013-05-06 11:26 - 15325230 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_ii_ep__2005_.rar
2013-05-06 11:26 - 2013-05-06 11:26 - 06841150 ____A C:\Users\xxx\Desktop\Hammer_Bros_-_7____2004_.rar
2013-05-06 11:26 - 2013-05-06 11:24 - 19381669 ____A C:\Users\xxx\Desktop\We Do What We Want!.rar
2013-05-05 22:54 - 2013-05-05 22:54 - 00001031 ____A C:\Users\Public\Desktop\foobar2000.lnk
2013-05-05 22:54 - 2013-05-05 22:54 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-05-05 18:27 - 2013-05-05 18:24 - 35539240 ____A C:\Users\xxx\Desktop\The Vitality.rar
2013-05-03 16:15 - 2012-12-13 19:04 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-02 02:06 - 2012-12-21 00:05 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

Other Malware:
===========
C:\ProgramData\FullRemove.exe
C:\ProgramData\ntuser.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-24 00:42

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2013 01
Ran by xxx at 2013-05-31 17:10:49 Run:
Running from C:\Users\xxx\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (Version: 3.2.3.28705)
888poker
Acer Arcade Deluxe (Version: 3.0.7112)
Acer Backup Manager (Version: 2.0.0.29)
Acer Crystal Eye Webcam (Version: 5.2.9.3)
Acer ePower Management (Version: 4.05.3004)
Acer eRecovery Management (Version: 4.05.3005)
Acer GameZone Console (Version: 5.1.0.2)
Acer GridVista (Version: 3.01.0730)
Acer Registration (Version: 1.02.3006)
Acer ScreenSaver (Version: 1.1.2009.1217)
Acer Updater (Version: 1.01.3017)
Acer VCM (Version: 4.05.3000)
Acrobat.com (Version: 1.6.65)
Acunetix Web Vulnerability Scanner 8.0 (Version: 8.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
Adware . Casino Client Removal Tool (Version: 1.0)
Alcor Micro USB Card Reader (Version: 1.4.17.35005)
Alice Greenfingers
Amazonia
ATI Catalyst Install Manager (Version: 3.0.754.0)
AutoHotkey 1.1.09.00 (Version: 1.1.09.00)
Backup Manager Basic (Version: 2.0.0.29)
BMW M3 Challenge (Version: BMW M3 Challenge v1.0.0.0)
Broadcom Gigabit NetLink Controller (Version: 12.33.03)
Canon MG5100 series MP Drivers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full Existing (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full New (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Light (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Previews Vista (Version: 2009.1209.2335.42329)
Catalyst Control Center InstallProxy (Version: 2009.1209.2335.42329)
Catalyst Control Center Localization All (Version: 2009.1209.2335.42329)
CCC Help Chinese Standard (Version: 2009.1209.2334.42329)
CCC Help Chinese Traditional (Version: 2009.1209.2334.42329)
CCC Help Czech (Version: 2009.1209.2334.42329)
CCC Help Danish (Version: 2009.1209.2334.42329)
CCC Help Dutch (Version: 2009.1209.2334.42329)
CCC Help English (Version: 2009.1209.2334.42329)
CCC Help Finnish (Version: 2009.1209.2334.42329)
CCC Help French (Version: 2009.1209.2334.42329)
CCC Help German (Version: 2009.1209.2334.42329)
CCC Help Greek (Version: 2009.1209.2334.42329)
CCC Help Hungarian (Version: 2009.1209.2334.42329)
CCC Help Italian (Version: 2009.1209.2334.42329)
CCC Help Japanese (Version: 2009.1209.2334.42329)
CCC Help Korean (Version: 2009.1209.2334.42329)
CCC Help Norwegian (Version: 2009.1209.2334.42329)
CCC Help Polish (Version: 2009.1209.2334.42329)
CCC Help Portuguese (Version: 2009.1209.2334.42329)
CCC Help Russian (Version: 2009.1209.2334.42329)
CCC Help Spanish (Version: 2009.1209.2334.42329)
CCC Help Swedish (Version: 2009.1209.2334.42329)
CCC Help Thai (Version: 2009.1209.2334.42329)
CCC Help Turkish (Version: 2009.1209.2334.42329)
ccc-core-static (Version: 2009.1209.2335.42329)
ccc-utility64 (Version: 2009.1209.2335.42329)
CCleaner (Version: 4.02)
Chicken Invaders 2
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dairy Dash
DbMAP 3D Flyer Plugin  v.2.1.7r2 (Version: 2.1.7r2)
Dream Day First Home
eBay Worldwide (Version: 2.1.0901)
eMule (Version: 0.50a)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
Farm Frenzy 2
First Class Flurry
foobar2000 v1.2.6 (Version: 1.2.6)
Fotogalerie (Version: 16.4.3505.0912)
Free Alarm Clock 2.7.0 (Version: 2.7)
Game Booster 3 (Version: 3.4)
GameBoost (Version: 1.1.14.2013)
Google Chrome (Version: 27.0.1453.94)
Google Earth (Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
Granny In Paradise
Heroes of Hellas
Identity Card (Version: 1.00.3003)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Intel(R) Turbo Boost Technology Driver (Version: 01.00.01.1002)
Intel® Matrix Storage Manager
JDownloader Packages
Junk Mail filter update (Version: 16.4.3505.0912)
KeyTweak - Keyboard Remapper (remove only)
Launch Manager (Version: 3.0.05)
Merriam Websters Spell Jam
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Keyboard Layout Creator 1.4 (Version: 1.4.6000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (Version: 12.0.6612.1000)
Microsoft Office O MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office X MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MiPony 2.0.2 (Version: 2.0.2)
Mipony Download Manager Packages
Movie Maker (Version: 16.4.3505.0912)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.76.0)
Norton Online Backup (Version: 1.2.0.36)
Nsauditor 2.5.9
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6623)
Photo Gallery (Version: 16.4.3505.0912)
Poker
Poker 770
PunkBuster Services (Version: 0.992)
Realtek High Definition Audio Driver (Version: 6.0.1.5969)
Red Orchestra 2: Heroes of Stalingrad
SecurityKISS Tunnel v0.3.0
SharpKeys (Version: 3.5.0000)
Skype™ 6.3 (Version: 6.3.107)
SmartFTP Client (Version: 4.1.1313.0)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
Teleport Pro (Version: 1.68)
Tennis Elbow 2013 1.0a (Version: 1.0a)
Titan Poker
TuneUp Utilities 2013 (Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6)
Unlocker 1.9.2 (Version: 1.9.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.5 (Version: 2.0.5)
Welcome Center (Version: 1.00.3008)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Winner Poker
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

30-05-2013 23:21:52 Windows Update
31-05-2013 09:11:06 Windows Update
31-05-2013 10:02:38 Windows Defender Checkpoint
31-05-2013 10:12:30 Windows Update
31-05-2013 14:42:46 Removed Cerberus FTP Server

==================== Hosts content: ==========================


127.0.0.1 www.SMARTTERRA.EU
127.0.0.1       localhost
127.0.0.1 order.tune-up.com
127.0.0.1 tune-up.com
127.0.0.1 tune-up.com/order
127.0.0.1 registertuneup.com
127.0.0.1 download.tune-up.de
127.0.0.1 download.tune-up.com
127.0.0.1 secure.tune-up.com
127.0.0.1 localhost
127.0.0.1 tuneup.de
127.0.0.1 swi.tune-up.com
127.0.0.1 SMARTTERRA.EU
127.0.0.1 www.order.tune-up.com
127.0.0.1 www.tune-up.com
127.0.0.1 www.tune-up.com/order
127.0.0.1 www.registertuneup.com
127.0.0.1 www.download.tune-up.de
127.0.0.1 hxxp://www.download.tune-up.com...une-up.com
127.0.0.1 www.secure.tune-up.com

There are more than 3 lines starting with "127.0.0.1"


==================== Faulty Device Manager Devices =============

Name: Video WebCam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/31/2013 03:16:23 PM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=27.0.1453.94;lang=;id=;is_machine=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\7fe979db-2747-4af4-95f1-701b13bacf41.dmp


System errors:
=============
Error: (05/31/2013 04:42:31 PM) (Source: Service Control Manager) (User: )
Description: The Cerberus FTP Server service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/31/2013 04:37:17 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/31/2013 04:35:41 PM) (Source: Service Control Manager) (User: )
Description: The TuneUp Utilities Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/31/2013 04:29:53 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-05-31 02:29:53.650
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.648
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.646
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.627
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.625
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-31 02:29:53.622
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-04 22:01:29.498
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-04 22:01:29.447
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 3956.5 MB
Available physical RAM: 1932.06 MB
Total Pagefile: 7911.18 MB
Available Pagefile: 5851.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:463.16 GB) (Free:388.94 GB) NTFS (Disk=0 Partition=3) ==>[Drive with boot components (obtained from BCD)]
Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS (Disk=0 Partition=2)
Drive f: () (Removable) (Total:0.48 GB) (Free:0.47 GB) FAT (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: F86FF86F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=463 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 GB) - (Type=05)

========================================================
Disk: 1 (Size: 489 MB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=488 MB) - (Type=06)

==================== End Of Log ============================
         
