Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.09.2014, 12:16   #1
sykor
 
Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall - Standard

Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall



Hallo Liebes Forum,

auf anraten von Alois

sollte ich mich hier mal melden bezüglich meines problems (http://www.trojaner-board.de/159035-...ml#post1364062)

Viren/malware scans habe ich zwar gemacht nachdem es nicht besser wurde habe ich mich hier gemeldet
er hat auch was gefunden nur weiß ich nicht wo er die logs speichert
Programm Avira 1 fund
laut Virus Total ist die datei aber sauber (hxxp://www.virustotal.com/de/file/4c3db189f79a0db76218ce949795be0f9ff9d688d395e740051a83144cbd4993/analysis/1411557761/)

FRST.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2014
Ran by yolo (administrator) on WEST123-PC on 24-09-2014 13:29:33
Running from C:\Users\yolo\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Avira Operations GmbH & Co. KG) C:\Users\yolo\Downloads\avira_de_av___ws.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoStrCmpLogical] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Tcpip\..\Interfaces\{2C0A14CF-C1DA-426B-97B9-8F7147A41CE4}: [NameServer] 62.220.18.8 89.246.64.8
Tcpip\..\Interfaces\{94B76313-C4C2-4C11-B104-6185BC24B5AE}: [NameServer] 62.220.18.8 89.246.64.8

FireFox:
========
FF ProfilePath: C:\Users\yolo\AppData\Roaming\Mozilla\Firefox\Profiles\amoq43jb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\yolo\AppData\Roaming\Mozilla\Firefox\Profiles\amoq43jb.default\Extensions\abs@avira.com [2014-09-23]
FF Extension: AS Magic Player - C:\Users\yolo\AppData\Roaming\Mozilla\Firefox\Profiles\amoq43jb.default\Extensions\magicplayer@acestream.org [2014-09-23]
FF Extension: WOT - C:\Users\yolo\AppData\Roaming\Mozilla\Firefox\Profiles\amoq43jb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-09-21]
FF Extension: DownloadHelper - C:\Users\yolo\AppData\Roaming\Mozilla\Firefox\Profiles\amoq43jb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-21]
FF Extension: Adblock Plus - C:\Users\yolo\AppData\Roaming\Mozilla\Firefox\Profiles\amoq43jb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-21]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-30] ()
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-05] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 Avira.OE.ServiceHost; "C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 13:27 - 2014-09-24 13:27 - 00010341 _____ () C:\Users\yolo\Downloads\Gmer.zip
2014-09-24 13:24 - 2014-09-24 13:24 - 04756944 _____ (Avira Operations GmbH & Co. KG) C:\Users\yolo\Downloads\avira_de_av___ws.exe
2014-09-24 11:52 - 2014-09-23 14:05 - 02060464 _____ () C:\Users\yolo\Documents\hd.pwn
2014-09-24 10:48 - 2014-09-24 10:48 - 00057560 _____ () C:\Users\yolo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-24 03:08 - 2014-09-24 10:48 - 00000448 _____ () C:\Windows\setupact.log
2014-09-24 03:08 - 2014-09-24 03:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-24 03:07 - 2014-09-24 03:07 - 00274464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 02:37 - 2014-09-24 02:37 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-09-24 02:26 - 2014-09-24 02:54 - 82252973 _____ () C:\Users\yolo\Documents\Bootlog-2.pml
2014-09-24 02:26 - 2014-09-24 02:54 - 409750822 _____ () C:\Users\yolo\Documents\Bootlog-1.pml
2014-09-24 02:26 - 2014-09-24 02:54 - 360544613 _____ () C:\Users\yolo\Documents\Bootlog.pml
2014-09-24 02:26 - 2014-09-24 02:26 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-24 02:26 - 2014-09-24 02:26 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-24 02:25 - 2014-09-24 02:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-24 02:25 - 2014-09-24 02:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-24 02:12 - 2014-09-24 02:12 - 14107296 _____ (Microsoft Corporation) C:\Users\yolo\Downloads\mseinstall.exe
2014-09-24 02:05 - 2014-09-24 02:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\yolo\Downloads\revosetup95.exe
2014-09-24 01:53 - 2014-09-24 01:53 - 01121208 _____ () C:\Users\yolo\Downloads\ProcessMonitor.zip
2014-09-24 00:38 - 2014-09-24 00:38 - 00380416 _____ () C:\Users\yolo\Downloads\Gmer-19357.exe
2014-09-24 00:32 - 2014-09-24 00:32 - 00000470 _____ () C:\Users\yolo\Downloads\defogger_disable.log
2014-09-24 00:32 - 2014-09-24 00:32 - 00000000 _____ () C:\Users\yolo\defogger_reenable
2014-09-24 00:31 - 2014-09-24 00:31 - 00050477 _____ () C:\Users\yolo\Downloads\Defogger.exe
2014-09-24 00:18 - 2014-09-24 13:29 - 00005454 _____ () C:\Users\yolo\Downloads\FRST.txt
2014-09-24 00:18 - 2014-09-24 13:29 - 00000000 ____D () C:\FRST
2014-09-24 00:16 - 2014-09-24 00:16 - 02106368 _____ (Farbar) C:\Users\yolo\Downloads\FRST64.exe
2014-09-23 23:51 - 2014-09-23 23:51 - 00014683 _____ () C:\ComboFix.txt
2014-09-23 23:40 - 2014-09-23 23:40 - 00000000 ____D () C:\Windows\ERUNT
2014-09-23 23:21 - 2014-09-23 23:55 - 00000000 ____D () C:\Qoobox
2014-09-23 23:21 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-23 23:21 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-23 23:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-23 23:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-23 23:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-23 23:21 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-23 23:21 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-23 23:21 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-23 23:20 - 2014-09-23 23:48 - 00000000 ____D () C:\Windows\erdnt
2014-09-23 21:58 - 2014-09-23 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-23 12:06 - 2014-09-23 21:55 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\TS3Client
2014-09-23 12:06 - 2014-09-23 12:06 - 00001170 _____ () C:\Users\yolo\Desktop\TeamSpeak 3 Client.lnk
2014-09-23 12:06 - 2014-09-23 12:06 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-09-23 12:06 - 2014-09-23 12:06 - 00000000 ____D () C:\Users\yolo\AppData\Local\TeamSpeak 3 Client
2014-09-22 11:42 - 2014-09-23 19:22 - 00000000 ____D () C:\Users\yolo\dwhelper
2014-09-22 11:41 - 2014-09-23 23:58 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Macromedia
2014-09-22 11:41 - 2014-09-22 11:41 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Adobe
2014-09-22 11:41 - 2014-09-22 11:41 - 00000000 ____D () C:\Users\yolo\AppData\Local\Macromedia
2014-09-22 11:36 - 2014-09-22 11:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-22 11:36 - 2014-09-22 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 11:36 - 2014-09-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-22 11:36 - 2014-09-22 11:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-22 11:31 - 2014-09-22 11:35 - 00000000 ____D () C:\Users\yolo\AppData\Local\Adobe
2014-09-22 10:55 - 2014-09-22 10:55 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-09-22 10:52 - 2014-09-22 10:52 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\GlarySoft
2014-09-22 10:48 - 2014-09-22 10:54 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-22 10:47 - 2014-09-24 10:48 - 00000324 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-09-22 10:47 - 2014-09-22 10:47 - 00002600 _____ () C:\Windows\System32\Tasks\GlaryInitialize
2014-09-22 10:47 - 2014-09-22 10:47 - 00001070 _____ () C:\Users\yolo\Desktop\Glary Utilities.lnk
2014-09-22 10:47 - 2014-09-22 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
2014-09-22 10:47 - 2014-09-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2014-09-22 05:16 - 2014-09-22 05:16 - 00000000 ____D () C:\Users\yolo\test
2014-09-21 22:58 - 2014-09-21 22:58 - 00000510 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-09-21 22:40 - 2014-09-21 22:40 - 00000704 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2014-09-21 22:39 - 2014-09-21 22:39 - 00000000 ____D () C:\Program Files\Intel
2014-09-21 21:59 - 2014-09-23 22:14 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\vlc
2014-09-21 21:58 - 2014-09-21 21:58 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-21 21:58 - 2014-09-21 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-21 21:58 - 2014-09-21 21:58 - 00000000 ____D () C:\Program Files\VideoLAN
2014-09-21 21:49 - 2014-09-21 21:49 - 00000017 _____ () C:\Users\yolo\AppData\Local\resmon.resmoncfg
2014-09-21 18:46 - 2014-09-21 18:46 - 01558224 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-21 05:32 - 2014-09-21 05:32 - 00000000 ____D () C:\Users\yolo\AppData\Local\Intel_Corporation
2014-09-21 00:06 - 2014-09-21 00:11 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Mozilla
2014-09-21 00:06 - 2014-09-21 00:11 - 00000000 ____D () C:\Users\yolo\AppData\Local\Mozilla
2014-09-21 00:05 - 2014-09-23 22:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-21 00:05 - 2014-09-21 00:05 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-21 00:05 - 2014-09-21 00:05 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-21 00:05 - 2014-09-21 00:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-21 00:03 - 2014-09-21 00:03 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\WinRAR
2014-09-20 22:37 - 2014-09-20 22:37 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-20 22:33 - 2014-09-20 22:41 - 00000000 ____D () C:\Users\yolo\Documents\GTA San Andreas User Files
2014-09-20 22:33 - 2014-09-20 22:33 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-09-20 22:33 - 2014-09-20 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-09-20 22:32 - 2014-09-23 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-20 22:32 - 2014-09-20 22:32 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-20 22:32 - 2014-09-20 22:32 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-20 22:32 - 2014-09-20 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-20 22:25 - 2014-09-24 13:25 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Skype
2014-09-20 22:25 - 2014-09-20 22:25 - 00000000 ____D () C:\Users\yolo\AppData\Local\Skype
2014-09-20 22:20 - 2014-09-20 22:20 - 00001914 _____ () C:\Users\Public\Desktop\GTA San Andreas.lnk
2014-09-20 22:20 - 2014-09-20 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-09-20 22:20 - 2014-09-20 22:20 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-09-20 22:17 - 2014-09-21 05:52 - 00000000 ____D () C:\Windows\Panther
2014-09-20 22:01 - 2014-09-20 22:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-20 22:01 - 2014-09-20 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-20 21:58 - 2014-09-20 21:58 - 00003164 _____ () C:\Windows\System32\Tasks\{74C0E36F-1F62-4AF0-A657-EFAEB41501F8}
2014-09-20 21:56 - 2014-09-24 03:05 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Notepad++
2014-09-20 21:56 - 2014-09-20 21:56 - 00000989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-09-20 21:56 - 2014-09-20 21:56 - 00000983 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-09-20 21:49 - 2014-09-20 21:49 - 00018282 _____ () C:\Windows\system32\results.xml
2014-09-20 21:47 - 2012-12-26 19:26 - 00805088 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-09-20 21:47 - 2012-12-26 19:26 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-09-20 21:47 - 2012-12-26 19:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-09-20 21:46 - 2013-03-06 10:14 - 00015360 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2014-09-20 21:45 - 2014-08-05 08:39 - 00082432 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2014-09-20 21:45 - 2014-08-05 08:39 - 00074752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2014-09-20 21:45 - 2013-03-06 10:14 - 00109056 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3055.dll
2014-09-20 21:45 - 2013-03-06 10:06 - 00348160 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-09-20 21:45 - 2013-03-06 10:04 - 08901632 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-09-20 21:45 - 2013-03-06 10:04 - 02384896 _____ () C:\Windows\system32\GfxRes.dll
2014-09-20 21:45 - 2013-03-06 10:04 - 00108032 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-09-20 21:45 - 2013-03-06 10:01 - 02813952 _____ () C:\Windows\system32\iglhxa64.cpa
2014-09-20 21:45 - 2013-03-06 10:01 - 00044025 _____ () C:\Windows\system32\iglhxo64.vp
2014-09-20 21:45 - 2013-03-06 10:01 - 00043816 _____ () C:\Windows\system32\iglhxc64_dev.vp
2014-09-20 21:45 - 2013-03-06 10:01 - 00043494 _____ () C:\Windows\system32\iglhxc64.vp
2014-09-20 21:45 - 2013-03-06 10:01 - 00043298 _____ () C:\Windows\system32\iglhxg64_dev.vp
2014-09-20 21:45 - 2013-03-06 10:01 - 00043256 _____ () C:\Windows\system32\iglhxg64.vp
2014-09-20 21:45 - 2013-03-06 10:01 - 00042079 _____ () C:\Windows\system32\iglhxo64_dev.vp
2014-09-20 21:45 - 2013-02-21 08:04 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-09-20 21:41 - 2014-09-20 22:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-20 21:41 - 2014-09-20 21:47 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-20 21:41 - 2014-09-20 21:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-20 21:41 - 2014-09-20 21:41 - 00000000 ____D () C:\Program Files\Realtek
2014-09-20 21:41 - 2012-11-20 13:58 - 00378949 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-09-20 21:41 - 2012-11-20 13:13 - 04213904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-09-20 21:41 - 2012-11-20 11:32 - 00118928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-09-20 21:41 - 2012-11-20 11:27 - 10619904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-09-20 21:41 - 2012-11-19 12:18 - 02714720 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-09-20 21:41 - 2012-11-13 12:56 - 03673232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-09-20 21:41 - 2012-10-23 10:03 - 09546616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-09-20 21:41 - 2012-10-23 10:03 - 02080120 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-09-20 21:41 - 2012-10-22 13:48 - 01269904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-09-20 21:41 - 2012-10-03 11:56 - 00772224 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-09-20 21:41 - 2012-10-02 08:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-09-20 21:41 - 2012-10-02 08:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-09-20 21:41 - 2012-10-02 08:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-09-20 21:41 - 2012-09-20 16:44 - 01460600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-09-20 21:41 - 2012-09-19 18:59 - 00869752 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-09-20 21:41 - 2012-09-12 03:51 - 02743440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-09-20 21:41 - 2012-09-09 08:34 - 02028920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-09-20 21:41 - 2012-08-31 13:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-09-20 21:41 - 2012-08-31 13:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-09-20 21:41 - 2012-08-31 13:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-09-20 21:41 - 2012-08-31 13:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-09-20 21:41 - 2012-08-31 13:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-09-20 21:41 - 2012-08-21 08:51 - 00881808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-09-20 21:41 - 2012-08-13 12:06 - 01561744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-09-20 21:41 - 2012-07-15 15:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-09-20 21:41 - 2012-07-15 15:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-09-20 21:41 - 2012-06-20 11:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-20 21:41 - 2012-03-08 05:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-09-20 21:41 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-09-20 21:41 - 2012-01-30 05:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-09-20 21:41 - 2012-01-10 04:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-09-20 21:41 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-09-20 21:41 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-09-20 21:41 - 2011-09-02 08:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-09-20 21:41 - 2011-09-02 08:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-09-20 21:41 - 2011-09-02 08:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-09-20 21:41 - 2011-08-23 11:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-09-20 21:41 - 2011-05-31 03:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-09-20 21:41 - 2011-03-17 06:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-09-20 21:41 - 2011-03-07 11:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-09-20 21:41 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-09-20 21:41 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-09-20 21:41 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-09-20 21:41 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-09-20 21:41 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-09-20 21:41 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-09-20 21:41 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-09-20 21:41 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-09-20 21:41 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-09-20 21:41 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-09-20 21:41 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-09-20 21:41 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-09-20 21:41 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-09-20 21:40 - 2014-09-20 21:42 - 00002217 _____ () C:\RHDSetup.log
2014-09-20 21:40 - 2012-08-03 12:18 - 01706640 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-09-20 21:37 - 2014-09-21 22:40 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-20 21:37 - 2013-01-28 06:36 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-09-20 21:34 - 2014-09-20 21:34 - 00000000 ____D () C:\Windows\AsusInstAll
2014-09-20 21:34 - 2011-02-25 08:25 - 00296320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-20 21:32 - 2014-09-20 21:47 - 00061579 _____ () C:\Windows\Ascd_log.ini
2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 _____ () C:\Windows\Ascd_err.ini
2014-09-20 21:31 - 2014-09-24 02:46 - 00000000 ____D () C:\Windows\pss
2014-09-20 21:29 - 2014-09-24 00:32 - 00000000 ____D () C:\Users\yolo
2014-09-20 21:29 - 2014-09-21 19:04 - 00000000 ____D () C:\Users\yolo\AppData\Local\VirtualStore
2014-09-20 21:29 - 2014-09-20 21:29 - 00001443 _____ () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-20 21:29 - 2014-09-20 21:29 - 00001409 _____ () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-20 21:29 - 2014-09-20 21:29 - 00000020 ___SH () C:\Users\yolo\ntuser.ini
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Vorlagen
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Startmenü
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Netzwerkumgebung
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Lokale Einstellungen
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Eigene Dateien
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Druckumgebung
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Documents\Eigene Musik
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Documents\Eigene Bilder
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\AppData\Local\Verlauf
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\AppData\Local\Anwendungsdaten
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Anwendungsdaten
2014-09-20 21:29 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 21:29 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-20 21:28 - 2014-09-20 21:28 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-09-20 21:28 - 2014-09-20 21:28 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_user_01_11_00.Wdf
2014-09-20 21:28 - 2014-09-20 21:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2014-09-20 21:28 - 2014-09-20 21:28 - 00000000 ____D () C:\Program Files\ASUS
2014-09-20 21:28 - 2014-09-20 21:28 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-20 21:28 - 2012-08-22 11:54 - 00015232 ____R () C:\Windows\SysWOW64\Drivers\AsIO.sys
2014-09-20 21:28 - 2012-08-17 19:57 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2014-09-20 21:28 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-09-20 21:28 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-20 21:28 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-20 21:28 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-20 21:28 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-09-20 21:28 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-20 21:28 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-20 21:28 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-09-20 21:28 - 2010-06-29 09:41 - 00028672 ____R (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2014-09-20 21:27 - 2014-09-20 21:32 - 00042703 _____ () C:\Windows\Ascd_tmp.ini
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Programme
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-09-20 21:22 - 2014-09-20 21:22 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-20 21:22 - 2014-09-20 21:22 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-20 21:21 - 2014-09-24 12:28 - 00214115 _____ () C:\Windows\WindowsUpdate.log
2014-09-05 13:03 - 2014-09-05 13:03 - 03401832 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 03398248 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00931944 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00545896 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00545384 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00455784 _____ () C:\Windows\system32\igfxTray.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00326760 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00304232 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00245864 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00194152 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00154728 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-09-05 13:01 - 2014-09-05 13:01 - 00453872 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-09-05 13:00 - 2014-09-05 13:00 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3907.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 13:29 - 2014-09-24 00:18 - 00005454 _____ () C:\Users\yolo\Downloads\FRST.txt
2014-09-24 13:29 - 2014-09-24 00:18 - 00000000 ____D () C:\FRST
2014-09-24 13:27 - 2014-09-24 13:27 - 00010341 _____ () C:\Users\yolo\Downloads\Gmer.zip
2014-09-24 13:25 - 2014-09-20 22:25 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Skype
2014-09-24 13:24 - 2014-09-24 13:24 - 04756944 _____ (Avira Operations GmbH & Co. KG) C:\Users\yolo\Downloads\avira_de_av___ws.exe
2014-09-24 12:50 - 2009-07-14 06:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-24 12:50 - 2009-07-14 06:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-24 12:28 - 2014-09-20 21:21 - 00214115 _____ () C:\Windows\WindowsUpdate.log
2014-09-24 10:52 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-09-24 10:52 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-09-24 10:52 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-24 10:48 - 2014-09-24 10:48 - 00057560 _____ () C:\Users\yolo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-24 10:48 - 2014-09-24 03:08 - 00000448 _____ () C:\Windows\setupact.log
2014-09-24 10:48 - 2014-09-22 10:47 - 00000324 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-09-24 10:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 03:08 - 2014-09-24 03:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-24 03:07 - 2014-09-24 03:07 - 00274464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 03:05 - 2014-09-20 21:56 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Notepad++
2014-09-24 02:54 - 2014-09-24 02:26 - 82252973 _____ () C:\Users\yolo\Documents\Bootlog-2.pml
2014-09-24 02:54 - 2014-09-24 02:26 - 409750822 _____ () C:\Users\yolo\Documents\Bootlog-1.pml
2014-09-24 02:54 - 2014-09-24 02:26 - 360544613 _____ () C:\Users\yolo\Documents\Bootlog.pml
2014-09-24 02:46 - 2014-09-20 21:31 - 00000000 ____D () C:\Windows\pss
2014-09-24 02:37 - 2014-09-24 02:37 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-09-24 02:26 - 2014-09-24 02:26 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-24 02:26 - 2014-09-24 02:26 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-24 02:26 - 2014-09-24 02:25 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-24 02:25 - 2014-09-24 02:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-24 02:12 - 2014-09-24 02:12 - 14107296 _____ (Microsoft Corporation) C:\Users\yolo\Downloads\mseinstall.exe
2014-09-24 02:05 - 2014-09-24 02:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\yolo\Downloads\revosetup95.exe
2014-09-24 01:53 - 2014-09-24 01:53 - 01121208 _____ () C:\Users\yolo\Downloads\ProcessMonitor.zip
2014-09-24 00:38 - 2014-09-24 00:38 - 00380416 _____ () C:\Users\yolo\Downloads\Gmer-19357.exe
2014-09-24 00:32 - 2014-09-24 00:32 - 00000470 _____ () C:\Users\yolo\Downloads\defogger_disable.log
2014-09-24 00:32 - 2014-09-24 00:32 - 00000000 _____ () C:\Users\yolo\defogger_reenable
2014-09-24 00:32 - 2014-09-20 21:29 - 00000000 ____D () C:\Users\yolo
2014-09-24 00:31 - 2014-09-24 00:31 - 00050477 _____ () C:\Users\yolo\Downloads\Defogger.exe
2014-09-24 00:16 - 2014-09-24 00:16 - 02106368 _____ (Farbar) C:\Users\yolo\Downloads\FRST64.exe
2014-09-23 23:58 - 2014-09-22 11:41 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Macromedia
2014-09-23 23:55 - 2014-09-23 23:21 - 00000000 ____D () C:\Qoobox
2014-09-23 23:52 - 2009-07-14 04:34 - 41680896 _____ () C:\Windows\system32\config\SOFTWARE.gbck
2014-09-23 23:52 - 2009-07-14 04:34 - 17301504 _____ () C:\Windows\system32\config\SYSTEM.gbck
2014-09-23 23:52 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.gbck
2014-09-23 23:52 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.gbck
2014-09-23 23:52 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.gbck
2014-09-23 23:51 - 2014-09-23 23:51 - 00014683 _____ () C:\ComboFix.txt
2014-09-23 23:51 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-23 23:48 - 2014-09-23 23:20 - 00000000 ____D () C:\Windows\erdnt
2014-09-23 23:48 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-23 23:45 - 2014-09-23 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-23 23:40 - 2014-09-23 23:40 - 00000000 ____D () C:\Windows\ERUNT
2014-09-23 22:14 - 2014-09-21 21:59 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\vlc
2014-09-23 22:02 - 2014-09-21 00:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 22:02 - 2014-09-20 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-23 22:01 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-23 21:55 - 2014-09-23 12:06 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\TS3Client
2014-09-23 19:22 - 2014-09-22 11:42 - 00000000 ____D () C:\Users\yolo\dwhelper
2014-09-23 14:05 - 2014-09-24 11:52 - 02060464 _____ () C:\Users\yolo\Documents\hd.pwn
2014-09-23 12:06 - 2014-09-23 12:06 - 00001170 _____ () C:\Users\yolo\Desktop\TeamSpeak 3 Client.lnk
2014-09-23 12:06 - 2014-09-23 12:06 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-09-23 12:06 - 2014-09-23 12:06 - 00000000 ____D () C:\Users\yolo\AppData\Local\TeamSpeak 3 Client
2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-22 11:41 - 2014-09-22 11:41 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Adobe
2014-09-22 11:41 - 2014-09-22 11:41 - 00000000 ____D () C:\Users\yolo\AppData\Local\Macromedia
2014-09-22 11:36 - 2014-09-22 11:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-22 11:36 - 2014-09-22 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 11:36 - 2014-09-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-22 11:36 - 2014-09-22 11:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-22 11:35 - 2014-09-22 11:31 - 00000000 ____D () C:\Users\yolo\AppData\Local\Adobe
2014-09-22 10:55 - 2014-09-22 10:55 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-09-22 10:54 - 2014-09-22 10:48 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-22 10:52 - 2014-09-22 10:52 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\GlarySoft
2014-09-22 10:47 - 2014-09-22 10:47 - 00002600 _____ () C:\Windows\System32\Tasks\GlaryInitialize
2014-09-22 10:47 - 2014-09-22 10:47 - 00001070 _____ () C:\Users\yolo\Desktop\Glary Utilities.lnk
2014-09-22 10:47 - 2014-09-22 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
2014-09-22 10:47 - 2014-09-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2014-09-22 05:16 - 2014-09-22 05:16 - 00000000 ____D () C:\Users\yolo\test
2014-09-22 00:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-21 23:01 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-21 22:58 - 2014-09-21 22:58 - 00000510 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-09-21 22:40 - 2014-09-21 22:40 - 00000704 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2014-09-21 22:40 - 2014-09-20 21:37 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-21 22:39 - 2014-09-21 22:39 - 00000000 ____D () C:\Program Files\Intel
2014-09-21 22:37 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-21 21:58 - 2014-09-21 21:58 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-21 21:58 - 2014-09-21 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-21 21:58 - 2014-09-21 21:58 - 00000000 ____D () C:\Program Files\VideoLAN
2014-09-21 21:49 - 2014-09-21 21:49 - 00000017 _____ () C:\Users\yolo\AppData\Local\resmon.resmoncfg
2014-09-21 19:04 - 2014-09-20 21:29 - 00000000 ____D () C:\Users\yolo\AppData\Local\VirtualStore
2014-09-21 18:46 - 2014-09-21 18:46 - 01558224 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-21 05:52 - 2014-09-20 22:17 - 00000000 ____D () C:\Windows\Panther
2014-09-21 05:32 - 2014-09-21 05:32 - 00000000 ____D () C:\Users\yolo\AppData\Local\Intel_Corporation
2014-09-21 00:11 - 2014-09-21 00:06 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Mozilla
2014-09-21 00:11 - 2014-09-21 00:06 - 00000000 ____D () C:\Users\yolo\AppData\Local\Mozilla
2014-09-21 00:05 - 2014-09-21 00:05 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-21 00:05 - 2014-09-21 00:05 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-21 00:05 - 2014-09-21 00:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-21 00:03 - 2014-09-21 00:03 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\WinRAR
2014-09-20 22:41 - 2014-09-20 22:33 - 00000000 ____D () C:\Users\yolo\Documents\GTA San Andreas User Files
2014-09-20 22:37 - 2014-09-20 22:37 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-20 22:33 - 2014-09-20 22:33 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-09-20 22:33 - 2014-09-20 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-09-20 22:32 - 2014-09-20 22:32 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-20 22:32 - 2014-09-20 22:32 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-20 22:32 - 2014-09-20 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-20 22:25 - 2014-09-20 22:25 - 00000000 ____D () C:\Users\yolo\AppData\Local\Skype
2014-09-20 22:20 - 2014-09-20 22:20 - 00001914 _____ () C:\Users\Public\Desktop\GTA San Andreas.lnk
2014-09-20 22:20 - 2014-09-20 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-09-20 22:20 - 2014-09-20 22:20 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-09-20 22:20 - 2014-09-20 21:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-20 22:17 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-09-20 22:17 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-09-20 22:01 - 2014-09-20 22:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-20 22:01 - 2014-09-20 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-20 21:58 - 2014-09-20 21:58 - 00003164 _____ () C:\Windows\System32\Tasks\{74C0E36F-1F62-4AF0-A657-EFAEB41501F8}
2014-09-20 21:56 - 2014-09-20 21:56 - 00000989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-09-20 21:56 - 2014-09-20 21:56 - 00000983 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-20 21:56 - 2014-09-20 21:56 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-09-20 21:49 - 2014-09-20 21:49 - 00018282 _____ () C:\Windows\system32\results.xml
2014-09-20 21:47 - 2014-09-20 21:41 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-20 21:47 - 2014-09-20 21:32 - 00061579 _____ () C:\Windows\Ascd_log.ini
2014-09-20 21:42 - 2014-09-20 21:40 - 00002217 _____ () C:\RHDSetup.log
2014-09-20 21:41 - 2014-09-20 21:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-20 21:41 - 2014-09-20 21:41 - 00000000 ____D () C:\Program Files\Realtek
2014-09-20 21:34 - 2014-09-20 21:34 - 00000000 ____D () C:\Windows\AsusInstAll
2014-09-20 21:34 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 _____ () C:\Windows\Ascd_err.ini
2014-09-20 21:32 - 2014-09-20 21:27 - 00042703 _____ () C:\Windows\Ascd_tmp.ini
2014-09-20 21:29 - 2014-09-20 21:29 - 00001443 _____ () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-20 21:29 - 2014-09-20 21:29 - 00001409 _____ () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-20 21:29 - 2014-09-20 21:29 - 00000020 ___SH () C:\Users\yolo\ntuser.ini
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Vorlagen
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Startmenü
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Netzwerkumgebung
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Lokale Einstellungen
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Eigene Dateien
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Druckumgebung
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Documents\Eigene Musik
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Documents\Eigene Bilder
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\AppData\Local\Verlauf
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\AppData\Local\Anwendungsdaten
2014-09-20 21:29 - 2014-09-20 21:29 - 00000000 _SHDL () C:\Users\yolo\Anwendungsdaten
2014-09-20 21:28 - 2014-09-20 21:28 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-09-20 21:28 - 2014-09-20 21:28 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_user_01_11_00.Wdf
2014-09-20 21:28 - 2014-09-20 21:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2014-09-20 21:28 - 2014-09-20 21:28 - 00000000 ____D () C:\Program Files\ASUS
2014-09-20 21:28 - 2014-09-20 21:28 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Programme
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-09-20 21:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-09-20 21:22 - 2014-09-20 21:22 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-20 21:22 - 2014-09-20 21:22 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-20 21:22 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 21:21 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-20 21:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 03401832 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 03398248 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00931944 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00545896 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00545384 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00455784 _____ () C:\Windows\system32\igfxTray.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00326760 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00304232 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00245864 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00194152 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00154728 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-09-05 13:01 - 2014-09-05 13:01 - 00453872 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-09-05 13:00 - 2014-09-05 13:00 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3907.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-22 00:26

==================== End Of Log ============================
         
--- --- ---

FRST addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2014
Ran by yolo at 2014-09-24 13:29:54
Running from C:\Users\yolo\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Avira (x32 Version: 1.1.21.40000 - Avira Operations GmbH & Co. KG) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Glary Utilities 2.56.0.1822 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.56.0.1822 - Glarysoft Ltd)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3860113403-2132948494-1696995332-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

22-09-2014 09:48:23 TuneUp Utilities 2014 wird entfernt
22-09-2014 09:48:46 TuneUp Utilities 2014 (de-DE) wird entfernt
23-09-2014 19:06:04 Avira System Speedup(1.3.1.9930)
23-09-2014 22:10:31 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {52FD9BB0-AE05-42C1-9E35-19AD4E7EA199} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {66FF9C0F-C86F-4562-8766-8E6088E71F19} - System32\Tasks\{74C0E36F-1F62-4AF0-A657-EFAEB41501F8} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.20.0.104&LastError=12029
Task: {B68F828C-7493-4A7C-9CA9-C105A0A0E1C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe

==================== Loaded Modules (whitelisted) =============

2014-07-30 11:38 - 2014-07-30 11:38 - 00121363 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02524691 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00713235 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00031251 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00034323 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00070163 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02376211 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00106515 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00263699 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00080915 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00051219 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00063507 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00608275 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01022995 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00125459 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00043539 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00140307 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02218003 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00318995 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01470995 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00058387 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00043027 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00071187 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 12501523 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00039955 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00824339 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00126483 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021523 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00341011 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021523 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01505811 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00330771 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00417811 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00230931 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00029715 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01745427 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00192019 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00833555 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00022035 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00031763 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00218643 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 11244051 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01506835 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00028179 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00035859 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00071699 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00042003 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021523 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00029715 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00028691 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021523 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00085523 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00123923 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00190995 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00091667 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00081939 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00085523 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01261075 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00152595 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01739283 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libdirac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00928787 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021011 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021011 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00574483 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00022547 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00026131 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021011 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00675859 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00135699 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00038931 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019987 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00055315 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00075283 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00139795 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00186387 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00081939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00016915 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00029715 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00857107 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00040467 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00028179 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00701459 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00121875 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00032787 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00057363 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00038419 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00027667 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00072211 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2014-09-21 00:05 - 2014-09-18 09:16 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-17 13:33 - 2014-09-17 13:33 - 00448760 _____ () C:\Users\yolo\AppData\Local\Temp\{149bb302-ebda-47ae-b3e6-297cf4c356dc}\.ba1\Avira.OE.Setup.InstallationCore.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: G19 Gaming Keyboard (Display interface)
Description: G19 Gaming Keyboard (Display interface)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2014 10:50:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/24/2014 04:06:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/24/2014 04:06:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/24/2014 04:06:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/24/2014 04:06:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.


System errors:
=============
Error: (09/24/2014 10:48:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/24/2014 10:46:51 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (09/24/2014 03:10:03 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (09/24/2014 10:50:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/24/2014 04:06:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/24/2014 04:06:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/24/2014 04:06:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/24/2014 04:06:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/24/2014 04:06:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 23%
Total physical RAM: 7104.13 MB
Available physical RAM: 5432.28 MB
Total Pagefile: 14206.45 MB
Available Pagefile: 12538 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:463.77 GB) (Free:430.74 GB) NTFS
Drive e: (Volume) (Fixed) (Total:467.64 GB) (Free:466.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5FB28241)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=463.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=467.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Gmer
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-24 13:43:38
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD103SI rev.1AQ10001 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\yolo\AppData\Local\Temp\pfriyfow.sys

---- Processes - GMER 2.1 ----

Library  C:\Program Files\Microsoft Security Client\MsMpEng.exe (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\MsMpEng.exe [868]                                                                 000000013f7b0000
Library  C:\Program Files\Microsoft Security Client\mpsvc.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\MsMpEng.exe [868]                                                                   000007fefc490000
Library  C:\Program Files\Microsoft Security Client\mpclient.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\MsMpEng.exe [868]                                                                000007fefc370000
Library  C:\Program Files\Microsoft Security Client\MpCommu.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\MsMpEng.exe [868]                                                                 000007fefb4d0000
Library  C:\Program Files\Microsoft Security Client\mprtp.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\MsMpEng.exe [868]                                                                   000007fefb230000
Library  C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\MsMpEng.exe [868]                                                            000007fefb080000
Library  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3D74CA0-F549-44AE-BA09-01A333CE355F}\mpengine.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\MsMpEng.exe [868]  000007fef8ee0000
Library  C:\Program Files\Microsoft Security Client\NisSrv.exe (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\NisSrv.exe [2136]                                                                  000000013f8b0000
Library  C:\Program Files\Microsoft Security Client\NisLog.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\NisSrv.exe [2136]                                                                  000007fef6850000
Library  C:\Program Files\Microsoft Security Client\mpclient.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\NisSrv.exe [2136]                                                                000007fefc370000
Library  C:\Program Files\Microsoft Security Client\msseces.exe (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\msseces.exe [2532]                                                                000000013f3f0000
Library  C:\Program Files\Microsoft Security Client\mpclient.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\msseces.exe [2532]                                                               000007fefc370000
Library  C:\Program Files\Microsoft Security Client\EppManifest.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\msseces.exe [2532]                                                            000007fef56a0000
Library  C:\Program Files\Microsoft Security Client\SqmApi.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\msseces.exe [2532]                                                                 000007fef4ee0000
Library  C:\Users\yolo\AppData\Local\Temp\{149bb302-ebda-47ae-b3e6-297cf4c356dc}\.ba1\WixStdBA.dll (*** suspicious ***) @ C:\Users\yolo\Downloads\avira_de_av___ws.exe [3772]                                       0000000071210000
Library  C:\Users\yolo\AppData\Local\Temp\{149bb302-ebda-47ae-b3e6-297cf4c356dc}\.ba1\Avira.OE.Setup.InstallationCore.dll (*** suspicious ***) @ C:\Users\yolo\Downloads\avira_de_av___ws.exe [3772]                0000000071010000

---- EOF - GMER 2.1 ----
         
mfg sykor

Geändert von sykor (24.09.2014 um 13:15 Uhr)

Alt 24.09.2014, 12:35   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall - Standard

Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 25.09.2014, 02:24   #3
sykor
 
Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall - Standard

Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall



kann als erledigt makiert werden musste mein pc neuinstallierenund habe mir ein neues laufwerk bestellt

mfg
__________________

Geändert von sykor (25.09.2014 um 02:25 Uhr) Grund: sry

Alt 25.09.2014, 13:07   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall - Standard

Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall



ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall
64 bit, befall, bezüglich, forum, melde, melden, möglicherweise, probleme, problems, scans, virus total, win, win7, win7 64, win7 64 bit



Ähnliche Themen: Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall


  1. Viren vom Schulcomputer bekommen. (Probleme mit dem Start, den Virensystem, der Firewall und den Browsern
    Plagegeister aller Art und deren Bekämpfung - 24.07.2015 (27)
  2. viren befall ?? oder malware oder unerwuenschte software ?? oder ....
    Plagegeister aller Art und deren Bekämpfung - 20.05.2015 (6)
  3. Acer Windows 7-Rechner * Befall von Viren und Trojanern? * Antivir Rescue CD beseitigt Viren/Trojanernicht
    Plagegeister aller Art und deren Bekämpfung - 14.12.2014 (15)
  4. Laptop mit Windows 7: Problem mit Malware und Viren (möglicherweise) PC langsam
    Log-Analyse und Auswertung - 03.11.2014 (19)
  5. Aol-emailadresse verschickt Spamemails; möglicherweise Malware/Trojanerß
    Plagegeister aller Art und deren Bekämpfung - 21.04.2014 (14)
  6. LeechBlock macht möglicherweise alles langsamer
    Plagegeister aller Art und deren Bekämpfung - 27.03.2014 (25)
  7. Überall Werbungen in YouTube Möglicherweise Viren??
    Plagegeister aller Art und deren Bekämpfung - 02.03.2014 (18)
  8. Win7 PC Systhem extrem langsam - möglicherweise Trojaner
    Log-Analyse und Auswertung - 15.01.2014 (12)
  9. Diverse (Viren-/Malware-)Probleme mit WinVista
    Plagegeister aller Art und deren Bekämpfung - 07.09.2013 (13)
  10. seit selbstständiger BKA-Trojaner Problembeseitigung ständig neue Probleme mit Malware und Viren trotz aktuellem McAfee
    Log-Analyse und Auswertung - 05.05.2013 (13)
  11. Win7 64bit, Bka Trojaner Befall, OTL und Malware Logs
    Log-Analyse und Auswertung - 23.07.2012 (15)
  12. Log-Analyse nach Trojaner/Malware befall (Malware.Trace / Trojan.BHO)
    Log-Analyse und Auswertung - 26.09.2011 (16)
  13. macht kaspersky probleme oder habe ich viren??
    Antiviren-, Firewall- und andere Schutzprogramme - 27.06.2011 (16)
  14. Probleme nach Windows Recovery Malware Befall
    Log-Analyse und Auswertung - 07.04.2011 (37)
  15. Unerwünschte Seiten öffnen sich von selbst und andere Probleme [ Malware/ Viren? ]
    Plagegeister aller Art und deren Bekämpfung - 26.01.2010 (1)
  16. Viren befall kein viren programm geht
    Plagegeister aller Art und deren Bekämpfung - 06.01.2010 (22)
  17. möglicherweise rootkit virus befall
    Plagegeister aller Art und deren Bekämpfung - 22.12.2009 (11)

Zum Thema Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall - Hallo Liebes Forum, auf anraten von Alois sollte ich mich hier mal melden bezüglich meines problems ( http://www.trojaner-board.de/159035-...ml#post1364062 ) Viren/malware scans habe ich zwar gemacht nachdem es nicht besser wurde - Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall...
Archiv
Du betrachtest: Win7 64 Bit Pc-Start macht probleme möglicherweise Viren/malware befall auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.