| DarkDevelope | 08.06.2013 17:01 |
Hier: Code:
OTL logfile created on: 08.06.2013 17:53:45 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 5,20 Gb Available Physical Memory | 65,27% Memory free
15,92 Gb Paging File | 12,66 Gb Available in Paging File | 79,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 745,93 Gb Free Space | 80,09% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.06.06 06:44:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Downloads\OTL.exe
PRC - [2013.05.29 07:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.02 06:11:59 | 000,882,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\Admin\Downloads\BitTorrent_7.8.0.29112.exe
PRC - [2013.04.26 09:09:38 | 000,169,096 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.04.15 11:14:14 | 000,027,256 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\tsengine.exe
PRC - [2013.03.08 18:59:04 | 000,258,048 | ---- | M] () -- C:\Users\Admin\Downloads\autoclick_2_2.exe
PRC - [2013.02.10 19:07:32 | 000,913,920 | ---- | M] (Ares Development Group) -- C:\Program Files (x86)\Ares\Ares.exe
PRC - [2013.01.26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\tsupdate.exe
PRC - [2012.06.28 17:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012.05.20 18:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.05.15 16:17:26 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.05.15 16:17:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.05.10 16:20:34 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.01.13 15:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
PRC - [2011.03.24 17:11:18 | 000,107,800 | ---- | M] (Octoshape ApS) -- C:\Users\Admin\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
PRC - [2009.10.20 23:27:34 | 000,057,344 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe
PRC - [2009.10.20 15:22:06 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2009.10.20 15:21:56 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2009.10.20 15:21:20 | 000,322,096 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe
PRC - [2009.10.20 15:21:20 | 000,121,392 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.29 07:27:38 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
MOD - [2013.05.29 07:27:37 | 013,136,336 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
MOD - [2013.05.29 07:27:35 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013.05.29 07:26:40 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013.05.29 07:26:39 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013.05.29 07:26:36 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013.05.16 03:48:40 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2013.05.16 03:48:40 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2013.04.15 18:41:26 | 000,674,816 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wx._misc_.pyd
MOD - [2013.04.15 11:14:14 | 000,027,256 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\tsengine.exe
MOD - [2013.03.08 18:59:04 | 000,258,048 | ---- | M] () -- C:\Users\Admin\Downloads\autoclick_2_2.exe
MOD - [2013.01.29 18:20:40 | 000,082,944 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\cpyamf.util.pyd
MOD - [2013.01.29 18:20:40 | 000,066,048 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\cpyamf.amf0.pyd
MOD - [2012.11.29 23:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012.11.14 18:00:08 | 000,018,944 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\pycompat.pyd
MOD - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\tsupdate.exe
MOD - [2012.06.25 14:49:20 | 001,482,820 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
MOD - [2012.06.21 15:58:06 | 002,826,311 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
MOD - [2012.06.21 14:31:46 | 000,618,563 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll
MOD - [2012.06.20 15:11:58 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
MOD - [2012.05.22 20:12:56 | 001,331,266 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
MOD - [2012.05.08 16:01:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
MOD - [2012.05.07 22:45:00 | 001,429,589 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
MOD - [2012.04.30 09:55:48 | 000,026,112 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
MOD - [2012.04.30 09:55:45 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2012.04.30 09:55:45 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2012.04.30 09:55:45 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2012.04.30 09:55:45 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2012.03.01 10:14:46 | 001,335,362 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\pythoncom27.dll
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\pythoncom27.dll
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\win32api.pyd
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\win32api.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\win32file.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\win32file.pyd
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\pywintypes27.dll
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\pywintypes27.dll
MOD - [2012.01.13 15:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
MOD - [2011.10.18 10:26:16 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
MOD - [2011.09.14 18:12:30 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wx._core_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wx._core_.pyd
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_vc.dll
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\_socket.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\_socket.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,106,496 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\_ctypes.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\select.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\select.pyd
MOD - [2011.06.12 15:06:20 | 000,688,128 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\unicodedata.pyd
MOD - [2011.03.01 20:00:58 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
MOD - [2011.02.13 17:02:12 | 000,031,232 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\Crypto.Cipher.AES.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\updater\lib\M2Crypto.__m2crypto.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\M2Crypto.__m2crypto.pyd
MOD - [2010.10.11 00:23:52 | 000,723,968 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\TorrentStream\engine\lib\apsw.pyd
MOD - [2010.06.24 16:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
MOD - [2010.06.10 16:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
MOD - [2010.03.12 06:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
MOD - [2010.03.12 06:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
MOD - [2008.05.07 16:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
MOD - [2003.02.14 15:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012.12.16 13:25:38 | 000,123,664 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2012.05.30 14:11:34 | 000,149,544 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2012.04.20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.05.20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.05.20 16:42:52 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2013.05.15 17:08:22 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.01 08:09:52 | 000,296,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe -- (SystemStoreService)
SRV - [2013.04.26 09:09:38 | 000,169,096 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.05.15 16:17:26 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.05.15 16:17:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.05.10 16:20:34 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011.08.30 16:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.10.20 23:27:34 | 000,057,344 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe -- (VMwareServerWebAccess)
SRV - [2009.10.20 15:22:06 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2009.10.20 15:21:56 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009.10.20 15:21:20 | 000,322,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe -- (VMwareHostd)
SRV - [2009.10.20 15:21:20 | 000,121,392 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe -- (VMAuthdService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.05.19 15:54:56 | 000,067,584 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2013.04.12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.02.22 09:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:64bit: - [2013.02.22 09:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.02.22 09:17:06 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2013.01.29 18:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.12.16 13:25:34 | 000,202,632 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012.11.26 18:05:24 | 000,075,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012.10.08 20:52:52 | 000,031,968 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.05.30 14:10:50 | 000,016,168 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2012.05.20 18:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.05.20 18:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.05.20 18:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.04.25 09:07:18 | 000,104,560 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.02 12:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.11.02 11:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010.05.20 16:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009.10.20 15:23:48 | 000,076,336 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2009.10.20 15:23:44 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2009.10.20 15:23:36 | 000,065,072 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2009.10.20 15:22:54 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2009.10.20 15:21:10 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2009.10.20 15:21:10 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.06.08 11:10:32 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013.06.08 11:10:16 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013.05.28 17:00:54 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.01.29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A B0 C8 DD AE 16 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: magicplayer@torrentstream.org:1.1.22
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Admin\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\Users\Admin\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.12: C:\Users\Admin\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.04 19:33:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.04 19:33:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Admin\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org [2013.06.08 06:12:35 | 000,000,000 | ---D | M]
[2013.06.04 18:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.04 18:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\aaaq1vc0.default\extensions
[2013.06.04 18:01:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.06.08 06:12:35 | 000,000,000 | ---D | M] (TS Magic Player) -- C:\USERS\ADMIN\APPDATA\ROAMING\TORRENTSTREAM\EXTENSIONS\FIREFOX\MAGICPLAYER@TORRENTSTREAM.ORG
[2013.06.04 19:33:33 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013.04.06 17:17:21 | 000,005,142 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\arccosine.xml
[2013.06.04 19:33:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.06.04 19:33:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Admin\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Power Challenge Loader (Enabled) = C:\Users\Admin\AppData\LocalLow\POWERC~1\nppowerloader.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Admin\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll
CHR - plugin: Torrent Stream P2P Multimedia Plug-in 2 (Enabled) = C:\Users\Admin\AppData\Roaming\TorrentStream\player\npts_plugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Adblock Plus = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
O1 HOSTS File: ([2013.06.05 15:12:52 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock)
O2 - BHO: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [BitTorrent] C:\Users\Admin\Downloads\BitTorrent_7.8.0.29112.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\Admin\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" File not found
O4 - HKCU..\Run: [TorrentStream] C:\Users\Admin\AppData\Roaming\TorrentStream\engine\tsengine.exe ()
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F32ABA1C-1E6A-479A-9E53-A7964C1AE152}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.06.07 17:24:23 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Armagetron
[2013.06.07 17:21:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Armagetron Advanced
[2013.06.07 17:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Armagetron
[2013.06.07 06:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2013.06.07 06:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraISO
[2013.06.07 06:53:09 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\My ISO Files
[2013.06.07 06:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems
[2013.06.06 18:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.06.06 18:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.06.06 18:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013.06.06 18:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013.06.06 18:25:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft Help
[2013.06.06 18:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.06.06 18:25:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.06.06 18:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.06.06 18:24:38 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.06.06 14:09:58 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.06 14:09:52 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.04 19:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.06.03 21:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013.06.03 21:54:21 | 000,000,000 | R--D | C] -- C:\Users\Admin\SkyDrive
[2013.06.03 21:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.06.03 21:45:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2013.06.03 21:13:38 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll.backup
[2013.06.03 21:13:36 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll.backup
[2013.06.01 06:47:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2013.05.31 20:20:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.05.31 09:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunatic
[2013.05.30 19:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnotherLifeClient
[2013.05.30 19:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Another Life
[2013.05.30 15:19:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animake
[2013.05.30 15:19:47 | 000,000,000 | ---D | C] -- C:\PROGRAMME
[2013.05.30 15:03:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\.thumbnails
[2013.05.30 15:02:14 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\fontconfig
[2013.05.30 15:02:13 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\gegl-0.2
[2013.05.30 15:02:13 | 000,000,000 | ---D | C] -- C:\Users\Admin\.gimp-2.8
[2013.05.30 14:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.05.29 18:58:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013.05.29 18:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013.05.29 17:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digiturk
[2013.05.29 17:58:39 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2013.05.29 17:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\VS
[2013.05.29 17:48:20 | 000,000,000 | ---D | C] -- C:\ATI
[2013.05.27 17:21:59 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.05.27 17:21:59 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.05.27 17:21:59 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.05.27 17:21:59 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.05.27 17:21:59 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.05.27 17:21:59 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.05.27 17:21:59 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.05.27 17:21:59 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.05.27 17:21:59 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.05.27 17:21:59 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.05.27 17:21:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.05.27 17:21:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.05.27 17:21:59 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.05.27 17:21:59 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.05.27 17:21:58 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.05.27 17:21:58 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.05.27 17:21:57 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.05.27 17:21:57 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.05.27 17:21:57 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.05.27 17:21:57 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.05.27 17:21:57 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.05.27 17:21:57 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.05.27 17:21:57 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.05.27 17:21:56 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.05.27 17:21:56 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.05.27 17:21:56 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013.05.27 17:21:56 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.05.27 17:21:56 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.05.27 17:21:56 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.05.27 17:21:56 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.05.27 17:21:55 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.05.27 17:21:55 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.05.27 17:21:55 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.05.27 17:21:55 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.05.27 17:21:55 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.05.27 17:21:55 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.05.27 17:21:55 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013.05.27 17:21:55 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.05.27 17:21:55 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.05.27 17:21:55 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.05.27 17:21:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.05.27 17:21:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.05.27 17:21:54 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.05.27 17:21:54 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.05.27 17:21:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.05.27 17:21:54 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.05.27 17:21:54 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.05.27 17:21:54 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.05.27 17:21:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.05.27 17:21:54 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.05.27 17:21:54 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013.05.27 17:21:54 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.05.27 17:21:54 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.05.27 17:21:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.05.27 17:21:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.05.27 17:21:54 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013.05.27 17:21:54 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.05.27 17:21:54 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.05.27 17:21:54 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.05.27 17:21:54 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.05.27 17:21:54 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013.05.27 17:21:54 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.05.27 17:21:54 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.05.27 17:21:54 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013.05.27 17:21:53 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.05.27 17:21:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.05.27 17:21:53 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.05.27 17:21:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.05.27 17:21:53 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.05.27 17:21:53 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.05.27 17:21:53 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.05.27 17:21:53 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.05.27 17:21:53 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.05.27 17:21:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.05.27 17:21:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.05.27 17:21:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.05.27 17:21:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.05.27 17:21:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.05.27 17:21:53 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.05.27 17:21:53 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.05.27 17:21:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.05.27 17:21:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.05.27 17:21:52 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.05.27 17:21:52 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.05.27 17:21:52 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.05.27 17:21:52 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.05.27 17:21:52 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.05.27 17:21:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.05.27 17:21:51 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.05.27 17:21:51 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.05.27 17:21:50 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.05.27 17:21:50 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.05.27 17:21:48 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.05.27 17:21:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.05.27 17:21:48 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.05.27 17:21:48 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.05.27 17:21:48 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.05.27 17:21:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.05.27 17:21:47 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.05.27 17:21:47 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.05.27 17:21:47 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.05.27 17:21:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.05.27 17:21:47 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.05.27 17:21:47 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.05.27 17:21:46 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.05.27 17:21:46 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.05.27 17:21:46 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.05.27 17:21:46 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.05.27 17:21:46 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.05.27 17:21:46 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.05.27 17:21:46 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.05.27 17:21:46 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.05.27 17:21:46 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.05.27 17:21:46 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.05.27 17:21:46 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.05.27 17:21:46 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.05.27 17:21:45 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.05.27 17:21:45 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.05.27 17:21:45 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.05.27 17:21:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.05.27 17:21:45 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.05.27 17:21:45 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.05.27 17:21:45 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.05.27 17:21:45 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.05.27 17:21:44 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.05.27 17:21:44 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.05.27 17:21:43 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.05.27 17:21:43 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.05.27 17:21:43 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.05.27 17:21:43 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.05.24 19:50:31 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQL
[2013.05.24 11:29:35 | 000,000,000 | ---D | C] -- C:\server
[2013.05.24 08:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL
[2013.05.24 07:44:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\VirtualBox VMs
[2013.05.23 22:57:30 | 000,000,000 | ---D | C] -- C:\Users\Admin\.VirtualBox
[2013.05.23 22:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013.05.23 22:56:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.05.23 22:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013.05.22 13:11:56 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2013.05.22 13:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.05.22 13:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.05.20 16:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia Shared
[2013.05.20 16:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2013.05.20 16:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
[2013.05.20 16:39:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia
[2013.05.19 15:54:56 | 000,067,584 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys
[2013.05.19 15:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
[2013.05.19 15:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable
[2013.05.19 15:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013.05.19 15:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
[2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\ManyCam
[2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\ManyCam
[2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam
[2013.05.19 15:47:26 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys
[2013.05.19 15:47:05 | 000,519,304 | ---- | C] (Ask Partner Network) -- C:\Users\Admin\Documents\APNSetup1.exe
[2013.05.19 15:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013.05.19 15:47:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2013.05.18 09:04:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\Screenshots
[2013.05.18 09:02:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\ScreenCapture
[2013.05.18 09:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Capturer
[2013.05.18 09:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screen Capturer
[2013.05.18 09:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ScreenCapture
[2013.05.18 08:58:14 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Screen Recording Suite
[2013.05.16 06:22:57 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.16 06:22:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.16 06:22:57 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.16 06:22:56 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.16 06:22:56 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.16 06:22:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.16 06:22:56 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.16 06:22:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.16 06:22:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.16 06:22:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.16 06:22:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.16 06:22:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.16 06:22:55 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.16 06:22:55 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.16 06:22:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.15 05:55:31 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 05:55:31 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 05:55:25 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 05:55:25 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 05:55:25 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 05:55:25 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 05:55:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.12 18:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013.05.12 13:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2013.05.12 13:51:32 | 000,000,000 | ---D | C] -- C:\Python27
[2013.05.11 22:02:39 | 000,000,000 | ---D | C] -- C:\5665b4540bce1692782821fd93bd8b
[2013.05.10 21:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013.05.10 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2013.05.10 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013.05.10 21:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013.05.10 21:26:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Visual Studio 2010
[2013.05.10 21:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
[2013.05.10 21:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.06.08 17:11:29 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.08 17:11:29 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.08 17:11:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.08 17:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.08 11:10:32 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2013.06.08 11:10:32 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2013.06.08 11:10:16 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.06.08 11:10:09 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.08 11:09:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.08 11:09:02 | 2116,947,967 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.07 07:30:32 | 000,017,584 | ---- | M] () -- C:\Users\Admin\Desktop\1.odt
[2013.06.07 06:53:09 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\UltraISO.lnk
[2013.06.06 22:29:50 | 004,994,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.06 17:04:57 | 000,001,347 | ---- | M] () -- C:\Users\Admin\Desktop\Adobe After Effects CS6.lnk
[2013.06.06 17:04:57 | 000,001,231 | ---- | M] () -- C:\Users\Admin\Desktop\Adobe Premiere Pro CS6.lnk
[2013.06.06 17:04:57 | 000,001,228 | ---- | M] () -- C:\Users\Admin\Desktop\Adobe Photoshop CS6 (64 Bit).lnk
[2013.06.06 14:05:39 | 000,000,153 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.06.05 15:35:21 | 000,001,994 | ---- | M] () -- C:\Users\Admin\Desktop\TeamViewer 8.lnk
[2013.06.05 15:31:42 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2013.06.05 15:12:52 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.06.04 18:01:40 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.04 07:15:38 | 000,000,847 | ---- | M] () -- C:\Users\Admin\Desktop\samp.lnk
[2013.06.03 22:46:48 | 000,001,969 | ---- | M] () -- C:\Users\Admin\Desktop\Skype.lnk
[2013.06.03 22:46:24 | 000,001,216 | ---- | M] () -- C:\Users\Admin\Desktop\Movie Studio Platinum 12.0 (64-bit).lnk
[2013.06.03 21:41:07 | 000,001,716 | ---- | M] () -- C:\Users\Admin\Desktop\Remote Desktop Connection.lnk
[2013.06.03 21:13:38 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.06.03 21:13:36 | 002,851,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2013.06.03 17:32:05 | 000,002,258 | -H-- | M] () -- C:\Users\Admin\Documents\Default.rdp
[2013.06.03 09:26:11 | 000,001,604 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013.05.31 08:53:56 | 000,001,456 | ---- | M] () -- C:\Users\Admin\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2013.05.31 08:39:10 | 000,000,132 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
[2013.05.31 08:32:57 | 000,004,023 | ---- | M] () -- C:\Users\Admin\AppData\Local\recently-used.xbel
[2013.05.30 18:55:00 | 000,000,132 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2013.05.29 17:51:23 | 001,607,524 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.05.29 17:51:23 | 000,704,500 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.29 17:51:23 | 000,658,002 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.29 17:51:23 | 000,151,636 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.29 17:51:23 | 000,124,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.29 17:51:15 | 001,607,524 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.28 17:00:54 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
[2013.05.26 10:13:02 | 000,002,218 | ---- | M] () -- C:\Users\Admin\Desktop\Google Chrome.lnk
[2013.05.24 08:57:07 | 000,000,236 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2013.05.19 15:54:56 | 000,067,584 | ---- | M] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys
[2013.05.15 17:08:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 17:08:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.13 20:33:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013.05.12 13:52:36 | 000,014,610 | ---- | M] () -- C:\Users\Admin\socks.pyc
[2013.05.12 13:52:36 | 000,006,655 | ---- | M] () -- C:\Users\Admin\terminal.pyc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.06.08 06:10:08 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2013.06.07 06:53:09 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\UltraISO.lnk
[2013.06.06 19:12:20 | 000,017,584 | ---- | C] () -- C:\Users\Admin\Desktop\1.odt
[2013.06.06 14:05:31 | 000,000,153 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.06.05 15:31:40 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013.06.04 18:48:58 | 000,000,969 | ---- | C] () -- C:\Users\Admin\Desktop\Ares.lnk
[2013.06.04 18:01:40 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.04 07:15:38 | 000,000,847 | ---- | C] () -- C:\Users\Admin\Desktop\samp.lnk
[2013.06.03 22:46:48 | 000,001,969 | ---- | C] () -- C:\Users\Admin\Desktop\Skype.lnk
[2013.06.03 22:46:24 | 000,001,216 | ---- | C] () -- C:\Users\Admin\Desktop\Movie Studio Platinum 12.0 (64-bit).lnk
[2013.06.03 21:54:21 | 000,002,176 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013.06.03 21:46:02 | 000,002,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.06.03 21:46:02 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2013.06.03 21:46:02 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.06.03 21:41:07 | 000,001,716 | ---- | C] () -- C:\Users\Admin\Desktop\Remote Desktop Connection.lnk
[2013.05.31 08:44:48 | 000,001,456 | ---- | C] () -- C:\Users\Admin\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2013.05.31 08:39:10 | 000,000,132 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
[2013.05.31 08:32:57 | 000,004,023 | ---- | C] () -- C:\Users\Admin\AppData\Local\recently-used.xbel
[2013.05.30 14:57:22 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.05.13 20:33:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013.05.12 13:52:36 | 000,014,610 | ---- | C] () -- C:\Users\Admin\socks.pyc
[2013.05.12 13:52:36 | 000,006,655 | ---- | C] () -- C:\Users\Admin\terminal.pyc
[2013.05.12 13:48:45 | 000,013,785 | ---- | C] () -- C:\Users\Admin\socks.py
[2013.05.12 13:48:45 | 000,007,331 | ---- | C] () -- C:\Users\Admin\terminal.py
[2013.05.12 13:48:45 | 000,006,865 | ---- | C] () -- C:\Users\Admin\torshammer.py
[2013.04.28 14:47:35 | 000,000,446 | ---- | C] () -- C:\Users\Admin\.swfinfo
[2013.04.28 11:08:06 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\WebCamLib.dll
[2013.04.11 07:01:36 | 000,000,579 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\All CPU MeterV3_Settings.ini
[2013.04.06 12:37:02 | 000,004,510 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\CamStudio.cfg
[2013.04.06 12:37:02 | 000,000,408 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\CamShapes.ini
[2013.04.06 12:37:02 | 000,000,408 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\CamLayout.ini
[2013.04.06 12:37:02 | 000,000,046 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Camdata.ini
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.03.12 08:03:43 | 000,001,604 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.03.11 20:22:04 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2013.03.10 18:39:34 | 000,000,236 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013.03.03 13:52:20 | 000,000,132 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2013.03.02 22:27:06 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2013.03.01 21:30:51 | 001,607,524 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.01 20:54:21 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2013.03.01 20:43:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013.03.01 20:34:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.02.05 18:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.02.05 18:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013.02.05 18:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013.02.05 18:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013.02.05 18:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.04.06 03:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 03:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 1100 bytes -> C:\Users\Admin\AppData\Local\W2x6IGVyFi2:byW1MesiOuK7CgZcAMCSJJ
< End of report >
|
