Trojaner-Board


Softwehr 01.07.2013 20:03

Online banking - all clear or not? Log files attached.
 
Hello out there :)

Since I activated it recently, I wanted to try my hand at online banking soon.
But not without letting you look over the machine's shoulder first.

I am using Windows 7 64-bit.

Best regards,
Softwehr

(GMER spat out a bluescreen shortly after I used it, and I was not able to write down its information. The log files are in there anyway.)

PS: The GMER scan is not quite by the book, sorry. I can redo it on request.

schrauber 02.07.2013 06:20

Hi,

System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)

Softwehr 02.07.2013 12:22

FRST

FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
Ran by User (administrator) on 02-07-2013 13:13:23
Running from C:\Users\User\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKCU\...\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" [765200 2012-12-16] (SANDBOXIE L.T.D)
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2012-06-28] (Nullsoft, Inc.)
HKU\Default\...\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR [846936 2011-05-16] (TOSHIBA)
HKU\Default User\...\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR [846936 2011-05-16] (TOSHIBA)
IMEO\utilman.exe: [Debugger] cmd.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 13:13 - 2013-07-02 13:13 - 00000000 ____D C:\FRST
2013-07-02 13:12 - 2013-07-02 13:12 - 01933556 ____A (Farbar) C:\Users\User\Desktop\FRST64.exe
2013-07-01 20:55 - 2013-07-01 20:56 - 00282736 ____A C:\Windows\Minidump\070113-30435-01.dmp
2013-07-01 20:55 - 2013-07-01 20:55 - 519200344 ____A C:\Windows\MEMORY.DMP
2013-07-01 20:55 - 2013-07-01 20:55 - 00000000 ____D C:\Windows\Minidump
2013-07-01 04:40 - 2013-07-01 12:08 - 00074924 ____A C:\Users\User\Desktop\Extras.Txt
2013-07-01 04:39 - 2013-07-01 12:06 - 00034317 ____A C:\Users\User\Desktop\OTL.Txt
2013-07-01 04:35 - 2013-07-01 04:35 - 00000000 ____A C:\Users\User\defogger_reenable
2013-06-23 17:07 - 2013-06-23 17:12 - 00000000 ____D C:\Users\User\.gimp-2.8
2013-06-23 17:07 - 2013-06-23 17:07 - 00000000 ____D C:\Users\User\AppData\Local\gegl-0.2
2013-06-21 00:56 - 2013-07-01 21:28 - 00000000 ____D C:\Users\User\Desktop\JOURNEY TO THE EUROPE
2013-06-16 04:29 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 04:29 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 04:29 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 04:29 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 04:29 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 04:29 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 04:29 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 04:29 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 04:29 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 04:29 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 04:29 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 04:29 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 18:10 - 2013-06-15 18:10 - 00000000 ____D C:\Users\Homunkulusgnom\AppData\Roaming\OpenOffice.org
2013-06-13 12:02 - 2013-07-02 12:55 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-12 20:37 - 2013-06-12 20:47 - 00342627 ____A C:\Users\User\Documents\Grün.themepack
2013-06-12 18:12 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 18:12 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 18:12 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 18:12 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 18:12 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 18:12 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 18:12 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 18:12 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 18:12 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 18:12 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 18:12 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 18:12 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 18:12 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 18:12 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 18:12 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 18:12 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 18:12 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 18:12 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 18:12 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 09:58 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 09:58 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 09:58 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 09:57 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 09:57 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 09:57 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 09:57 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 09:57 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 09:57 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 09:57 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 09:57 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 09:57 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 09:57 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-05 23:28 - 2013-06-05 23:28 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-05 23:28 - 2013-06-05 23:28 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-05 23:28 - 2013-06-05 23:28 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-05 23:28 - 2013-06-05 23:28 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-05 23:28 - 2013-06-05 23:28 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-05 23:28 - 2013-06-05 23:28 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-05 23:28 - 2013-06-05 23:28 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-05 23:28 - 2013-06-05 23:28 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-05 23:26 - 2013-06-05 23:26 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-05 23:24 - 2013-06-05 23:31 - 00010795 ____A C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-07-02 13:13 - 2013-07-02 13:13 - 00000000 ____D C:\FRST
2013-07-02 13:12 - 2013-07-02 13:12 - 01933556 ____A (Farbar) C:\Users\User\Desktop\FRST64.exe
2013-07-02 12:57 - 2009-07-14 06:45 - 00025120 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:57 - 2009-07-14 06:45 - 00025120 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:55 - 2013-06-13 12:02 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 12:54 - 2011-02-11 10:21 - 00654166 ____A C:\Windows\System32\perfh007.dat
2013-07-02 12:54 - 2011-02-11 10:21 - 00130006 ____A C:\Windows\System32\perfc007.dat
2013-07-02 12:54 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-02 12:50 - 2013-04-09 04:49 - 00016473 ____A C:\Windows\setupact.log
2013-07-02 12:50 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-02 02:40 - 2013-04-08 13:59 - 01708250 ____A C:\Windows\WindowsUpdate.log
2013-07-02 00:53 - 2013-04-15 18:44 - 00000000 ____D C:\Program Files (x86)\RaidCall
2013-07-02 00:53 - 2013-04-08 15:43 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2013-07-01 21:57 - 2013-04-08 18:48 - 00001652 ____A C:\Windows\Sandboxie.ini
2013-07-01 21:28 - 2013-06-21 00:56 - 00000000 ____D C:\Users\User\Desktop\JOURNEY TO THE EUROPE
2013-07-01 20:56 - 2013-07-01 20:55 - 00282736 ____A C:\Windows\Minidump\070113-30435-01.dmp
2013-07-01 20:55 - 2013-07-01 20:55 - 519200344 ____A C:\Windows\MEMORY.DMP
2013-07-01 20:55 - 2013-07-01 20:55 - 00000000 ____D C:\Windows\Minidump
2013-07-01 12:08 - 2013-07-01 04:40 - 00074924 ____A C:\Users\User\Desktop\Extras.Txt
2013-07-01 12:06 - 2013-07-01 04:39 - 00034317 ____A C:\Users\User\Desktop\OTL.Txt
2013-07-01 04:35 - 2013-07-01 04:35 - 00000000 ____A C:\Users\User\defogger_reenable
2013-07-01 04:35 - 2013-04-08 14:47 - 00000000 ____D C:\users\User
2013-06-30 05:52 - 2013-04-11 17:43 - 00000000 ____D C:\Users\User\AppData\Roaming\SumatraPDF
2013-06-26 22:03 - 2009-07-14 06:45 - 00293488 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-26 17:37 - 2013-04-08 14:49 - 00063976 ____A C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 17:28 - 2013-04-08 22:58 - 00000000 ____D C:\Users\User\AppData\Local\Paint.NET
2013-06-25 22:20 - 2013-05-03 18:45 - 00000000 ____D C:\Users\User\AppData\Roaming\Winamp
2013-06-25 17:20 - 2013-05-12 16:02 - 00000669 ____A C:\Users\User\Desktop\Gnomaschine.txt
2013-06-23 17:12 - 2013-06-23 17:07 - 00000000 ____D C:\Users\User\.gimp-2.8
2013-06-23 17:07 - 2013-06-23 17:07 - 00000000 ____D C:\Users\User\AppData\Local\gegl-0.2
2013-06-18 15:22 - 2013-04-09 14:51 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2013-06-17 14:41 - 2013-04-08 16:29 - 00001201 ____A C:\Users\User\Desktop\DII LoD.lnk
2013-06-15 18:10 - 2013-06-15 18:10 - 00000000 ____D C:\Users\User\AppData\Roaming\OpenOffice.org
2013-06-14 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-13 13:01 - 2011-08-03 12:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-13 13:01 - 2011-08-03 12:05 - 00000000 ____D C:\ProgramData\Skype
2013-06-13 12:55 - 2013-04-08 15:23 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-13 12:55 - 2013-04-08 15:23 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 20:47 - 2013-06-12 20:37 - 00342627 ____A C:\Users\Homunkulusgnom\Documents\Grün.themepack
2013-06-08 16:08 - 2013-06-16 04:29 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 04:29 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 04:29 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 04:29 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 04:29 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 04:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 04:29 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 04:29 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 04:29 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 04:29 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 04:29 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 04:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-06 11:20 - 2011-08-03 10:55 - 00000000 ____D C:\Windows\Panther
2013-06-06 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-06 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-06 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-06 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-06 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-05 23:31 - 2013-06-05 23:24 - 00010795 ____A C:\Windows\IE10_main.log
2013-06-05 23:28 - 2013-06-05 23:28 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-05 23:28 - 2013-06-05 23:28 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-05 23:28 - 2013-06-05 23:28 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-05 23:28 - 2013-06-05 23:28 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-05 23:28 - 2013-06-05 23:28 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-05 23:28 - 2013-06-05 23:28 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-05 23:28 - 2013-06-05 23:28 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-05 23:28 - 2013-06-05 23:28 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-05 23:28 - 2013-06-05 23:28 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-05 23:28 - 2013-06-05 23:28 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-05 23:28 - 2013-06-05 23:28 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-05 23:26 - 2013-06-05 23:26 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-05 23:26 - 2013-06-05 23:26 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-03 11:32 - 2009-07-14 07:08 - 00032628 ____A C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 13:50

==================== End Of Log ============================

--- --- ---


ADDITION
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013
Ran by User at 2013-07-02 13:13:55
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Atheros Bluetooth Filter Driver Package (Version: 1.00.007)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36)
Atheros Driver Installation Program (x32 Version: 9.2)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Bejeweled 3 (x32 Version: 2.2.0.97)
Bluetooth Stack for Windows by Toshiba (Version: v8.00.04(T))
CCleaner (Version: 4.00)
CDBurnerXP (x32 Version: 4.5.1.4003)
Chicken Invaders 3 - Revenge of the Yolk (x32 Version: 2.2.0.95)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Conexant HD Audio (Version: 8.51.1.0)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
D3DX10 (x32 Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.97)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Hero Editor V0.96 (x32)
Insaniquarium Deluxe (x32 Version: 2.2.0.97)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java Auto Updater (x32 Version: 2.0.2.1)
Java(TM) 6 Update 20 (x32 Version: 6.0.200)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 9.0.21022)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
MPC-HC 1.6.6.6957 (3975d54) (x32 Version: 1.6.6.6957)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Opera 12.15 (x32 Version: 12.15.1748)
Paint.NET v3.5.10 (Version: 3.60.0)
Panda USB Vaccine 1.0.1.4 (x32)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Polar Bowler (x32 Version: 2.2.0.97)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
RaidCall (x32 Version: 7.2.0-1.0.5185.0)
Realtek USB 2.0 Reader Driver (x32 Version: 1.0.0.15)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)
ROCCAT Kova[+] Mouse Driver (x32 Version: 1.10)
Sandboxie 3.76 (64-bit) (Version: 3.76)
Skype™ 6.5 (x32 Version: 6.5.158)
Slingo Deluxe (x32 Version: 2.2.0.95)
StarCraft (x32 Version: )
SumatraPDF (x32 Version: 2.3.2)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
TOSHIBA Assist (x32 Version: 4.02.02)
TOSHIBA Bulletin Board (Version: 2.1.10.64)
TOSHIBA Bulletin Board (x32 Version: 2.1.10.64)
TOSHIBA ConfigFree (x32 Version: 8.0.37)
TOSHIBA Disc Creator (Version: 2.1.0.6 for x64)
TOSHIBA eco Utility (Version: 1.2.25.64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Face Recognition (x32 Version: 3.1.8.64)
TOSHIBA Hardware Setup (Version: 4.08.06.00)
TOSHIBA Hardware Setup (x32 Version: 4.08.06.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7)
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.7)
Toshiba Manuals (x32 Version: 10.02)
TOSHIBA Online Product Information (x32 Version: 4.01.0000)
TOSHIBA PC Health Monitor (Version: 1.7.9.64M)
TOSHIBA Places Icon Utility (x32 Version: 1.0.2.4)
TOSHIBA Recovery Media Creator (x32 Version: 2.1.3.10010)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019)
TOSHIBA ReelTime (Version: 1.7.17.64)
TOSHIBA ReelTime (x32 Version: 1.7.17.64)
TOSHIBA Service Station (x32 Version: 2.1.52)
TOSHIBA Sleep Utility (x32 Version: 1.4.2.7)
TOSHIBA Supervisor Password (Version: 4.08.06.00)
TOSHIBA Supervisor Password (x32 Version: 4.08.06.00)
TOSHIBA TEMPRO (x32 Version: 3.35)
TOSHIBA Value Added Package (Version: 1.5.4.64)
TOSHIBA Value Added Package (x32 Version: 1.5.4.64)
TOSHIBA Web Camera Application (x32 Version: 2.0.0.19)
TOSHIBA Wireless LAN Indicator (x32 Version: 1.0.3)
TRORMCLauncher (Version: 1.0.0.10)
TRORMCLauncher (x32 Version: )
Update Installer for WildTangent Games App (x32)
VirtualCloneDrive (x32)
Wedding Dash 2 - Rings Around the World (x32 Version: 2.2.0.95)
WildTangent Games (x32 Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.5)
Winamp (x32 Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Zuma Deluxe (x32 Version: 2.2.0.95)

==================== Restore Points  =========================

22-05-2013 13:24:37 Windows Update
26-05-2013 09:41:46 Windows Update
29-05-2013 16:02:53 Windows Update
02-06-2013 10:34:53 Windows Update
05-06-2013 17:24:48 Windows Update
05-06-2013 21:24:14 Windows Update
09-06-2013 11:56:44 Windows Update
12-06-2013 16:11:25 Windows Update
16-06-2013 02:29:00 Windows Update
19-06-2013 10:54:23 Windows Update
22-06-2013 15:07:48 Windows Update
26-06-2013 08:40:33 Windows Update
30-06-2013 00:00:47 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {21F6D5AF-05AE-4AEA-B82D-AFB98D1E87F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {580995AB-B46C-4DA0-99DE-B03107364A01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {5A66AE0F-5A92-4E47-AE46-EAAEA6A63047} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {90442974-14AD-4328-8CBF-1332C3D7E866} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {94700919-16E4-439F-80E2-EE2FF0B2D38E} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {E50D4C97-35A4-4631-ACBE-D490DBABBAB5} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {E7E48993-CA58-4336-9328-EAD4110D4C08} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2013 00:52:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 08:57:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 08:39:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 00:03:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 00:49:05 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610, Zeitstempel: 0x4c00573a
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.6.0.5920, Zeitstempel: 0x510610d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006de2d
ID des fehlerhaften Prozesses: 0xf4c
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3

Error: (06/30/2013 09:53:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2013 01:51:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 00:48:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 02:36:39 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610, Zeitstempel: 0x4c00573a
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.6.0.5920, Zeitstempel: 0x510610d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006de2d
ID des fehlerhaften Prozesses: 0x4d0
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3

Error: (06/28/2013 07:14:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/01/2013 08:56:08 PM) (Source: BugCheck) (User: )
Description: 0x0000003b (0x00000000c0000005, 0xfffff800030dbbb9, 0xfffff88009b36ee0, 0x0000000000000000)C:\Windows\MEMORY.DMP070113-30435-01

Error: (07/01/2013 08:55:42 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?01.?07.?2013 um 20:54:46 unerwartet heruntergefahren.

Error: (07/01/2013 08:48:09 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.153.915.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.2.0223.00

        Quellpfad: 4.2.0223.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (07/01/2013 00:12:20 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.153.915.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.2.0223.00

        Quellpfad: 4.2.0223.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/30/2013 05:49:45 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (06/30/2013 05:49:44 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (06/30/2013 05:49:44 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (06/30/2013 05:49:43 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (06/28/2013 11:31:37 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.153.655.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.2.0223.00

        Quellpfad: 4.2.0223.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/24/2013 01:49:16 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.


Microsoft Office Sessions:
=========================
Error: (07/02/2013 00:52:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 08:57:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 08:39:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 00:03:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 00:49:05 AM) (Source: Application Error)(User: )
Description: LolClient.exe2.0.2.126104c00573aAdobe AIR.dll3.6.0.5920510610d1c00000050006de2df4c01ce75ce749b3dbdD:\Gamesgnom\League Of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.30\deploy\LolClient.exeD:\Gamesgnom\League Of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.30\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dll43a8912b-e1d7-11e2-a66e-047d7b128e60

Error: (06/30/2013 09:53:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2013 01:51:26 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 00:48:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 02:36:39 AM) (Source: Application Error)(User: )
Description: LolClient.exe2.0.2.126104c00573aAdobe AIR.dll3.6.0.5920510610d1c00000050006de2d4d001ce7423cea3e3d1D:\Gamesgnom\League Of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.30\deploy\LolClient.exeD:\Gamesgnom\League Of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.30\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dllf5d2831f-e053-11e2-bcc9-047d7b128e60

Error: (06/28/2013 07:14:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 6125.86 MB
Available physical RAM: 4680.66 MB
Total Pagefile: 12249.9 MB
Available Pagefile: 10740.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.34 GB) (Free:186.98 GB) NTFS (Disk=0 Partition=2)
Drive d: (Data) (Fixed) (Total:233.03 GB) (Free:88.93 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 3C96D6C9)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================


schrauber 02.07.2013 13:35

The logs are clean :)

Softwehr 02.07.2013 17:18

Thank you!
You can never be paranoid enough!

schrauber 02.07.2013 18:28

You're welcome :)


All times are WET +1.
